XSSTRON – Electron JS Browser To Find XSS Vulnerabilities

Stella Sebastian
Posted by Stella Sebastian February 2, 2021

superior_hosting_service

xss
xss

Electron JS Browser To Find XSS Vulnerabilities Automatically

Powerful Chromium Browser to find XSS Vulnerabilites automatically while browsing web, it can detect many case scenarios with support for POST requests too

Installation

Download this repo files or (git clone https://github.com/RenwaX23/XSSTRON)
cd XSSTRON
npm install
npm start

Usage

Just browse the web like a normal web browser then it will automatically look for XSS vulns in background and show them in a new window with POC

xsstron
xsstron
xsstron url scan
xsstron-url-scan

GET request POC

xsstron get
xsstron-get

POST request POC

xsstron POST
xsstron-POST

Known issues

Some users in certain linux distributions get into some problems try these

  • Try to update npm and nodejs to latest version
  • delete node_modules folder and reinstall
  • in package.json change the electron devDepencies to (electron11-bin)
  • install electron using (npm install electron) and run the app with electron using (electron .) with each step remember to delete the node_modules folder and re install again using (npm install)

Failed to serialize arguments is known issue and might be fixed soon 🙂

Thanks for

Github Link
SSRF plugin for burp
Tags: