Searching for XSS vulnerabilities is very important for a cyber security analyst or a bug bounty hunter. How do we find them? Well, there are many ways to find XSS vulnerabilities, but in this article we are going to discuss the easiest way to find them.
XSSTRON is an Electron JS browser for finding XSS vulnerabilities. It is a powerful Chromium browser that finds XSS vulnerabilities automatically while we browse the web. XSSTRON can also detect many case scenarios, with support for POST requests too. XSSTRON is best for beginners and also very good for professionals; everyone in this field should try this tool at least once.
Without wasting more time, let's install XSSTRON on Kali Linux. The same method will work on any other Debian-based Linux distribution.
Installing XSSTRON on Kali Linux
First of all, we need to install NodeJS and npm from here, or we can run the following command on our Kali Linux system:
sudo apt install npm
We also need to install Electron on our system by using the following command:
sudo npm install -g electron --unsafe-perm=true --allow-root
This command may take a couple of minutes to complete, depending on our internet speed and system performance.
Then we can install XSSTRON from its GitHub repository. We need to run the following command in our Kali Linux terminal to clone the repository:
git clone https://github.com/RenwaX23/XSSTRON
After cloning, we need to navigate into the XSSTRON directory by using the cd command:
cd XSSTRON
Now we can install it by using the following command:
sudo npm install
This process also takes some time to install the packages and configure the Electron browser on our system. Coffee break.
In the following screenshot we can see that XSSTRON is successfully installed on our system.
Now we can run it by using the following command (the --no-sandbox flag disables Chromium's sandbox for this browser):
electron . --no-sandbox
The above command will launch the nice-looking, smooth Electron browser, as we can see in the following screenshot: