
How to use ProxyStrike in Kali Linux

Intro – ProxyStrike is an active web application proxy: a tool designed to find vulnerabilities while you browse an application. It was created because of the problems faced in pentests of web applications that depend heavily on JavaScript, which not many web scanners handled well.
1. How to open
A. GUI Method

Applications → Kali Linux → Web Applications → Web Vulnerability Scanners → proxystrike

B. Open a terminal, type proxystrike and hit Enter.

2. Click on the Config tab, enter 8080 as the ProxyStrike listen port and click Apply. You can also leave the default port, but then your browser's proxy setting must use that same port.

3. Go to the Plugins tab and tick the enable box. You can select the SQL attack, XSS or SSL attack plugins. Here we select XSS.

4. Now go to whichever browser you are using and change its proxy setting. Here I am using Mozilla Firefox, so go to Edit and click on Preferences.

5. Click on Advanced, then the Network tab, and after that click on Settings.

6. Here, choose Manual Proxy Configuration, enter localhost as the HTTP Proxy and 8080 as the port (if you kept the default, port 8008, enter 8008 here), then click OK.

7. Now we are ready to browse the website through ProxyStrike. Enter your website in the address bar and hit Enter.

8. Here we are inserting a simple script for an XSS attack, and we got success.

9. If everything is configured correctly, you will see the result in ProxyStrike as in the image shown. There you can see all the targets, URLs, cookies, etc.

10. This is Request Stats. First, click on Update stats to get the request stats.

11. This is Variable Stats. Click on Update stats to get the variable stats.

12. In the Plugins tab we got an XSS attack and more information about it.

13. Here you can see the log file.
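
Steps 2 and 6 only work when the browser and the ProxyStrike listen port agree. The check below is an added example, not part of the original post or of ProxyStrike: it assumes Firefox stores the proxy settings in prefs.js under network.proxy.type, network.proxy.http and network.proxy.http_port; the function names are hypothetical and the prefs sample is constructed.

```python
import re
import socket

# Matches lines such as: user_pref("network.proxy.http_port", 8080);
PREF_RE = re.compile(r'user_pref\("([^"]+)",\s*(.+?)\s*\);')

def parse_prefs(text):
    """Return Firefox prefs.js entries as a dict of str/bool/int values."""
    prefs = {}
    for name, raw in PREF_RE.findall(text):
        if raw.startswith('"'):
            prefs[name] = raw.strip('"')
        elif raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif raw.lstrip("-").isdigit():
            prefs[name] = int(raw)
    return prefs

def port_is_listening(host, port, timeout=1.0):  # plain TCP connect probe
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def check_proxy_setup(prefs_text, listen_port, probe=port_is_listening):
    """List the problems that would stop browser traffic reaching the proxy."""
    prefs = parse_prefs(prefs_text)
    problems = []
    if prefs.get("network.proxy.type") != 1:  # 1 = manual proxy configuration
        problems.append("browser is not set to manual proxy configuration")
    if prefs.get("network.proxy.http") not in ("localhost", "127.0.0.1"):
        problems.append("HTTP proxy host is not the local machine")
    browser_port = prefs.get("network.proxy.http_port")
    if browser_port != listen_port:
        problems.append(f"browser uses port {browser_port}, proxy listens on {listen_port}")
    if not probe("127.0.0.1", listen_port):
        problems.append(f"nothing is listening on 127.0.0.1:{listen_port}")
    return problems

# Constructed sample of the proxy lines Firefox writes to prefs.js.
SAMPLE_PREFS = '''
user_pref("network.proxy.http", "localhost");
user_pref("network.proxy.http_port", 8080);
user_pref("network.proxy.type", 1);
'''

if __name__ == "__main__":
    print(check_proxy_setup(SAMPLE_PREFS, 8008) or "setup looks consistent")
```

Pass the contents of your own profile's prefs.js and the port set in the Config tab; an empty list means the browser points at the port the proxy is listening on.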


This Blog and its TUT's are intended for educational purposes only, no-one involved in the creation of this TuT may be held responsible for any illegal acts brought about by this Blog or TuT.
