Installing Using wget
In this method, we are using the wget command to get the package of the KXss tool in Kali Linux. Follow the below steps to install the tool in Kali Linux using the wget command.
Step 1: If you have downloaded Golang in your system, verify the installation by checking the version of Golang, using the following command.
sudo go version
Step 2: Download the .zip file of the Kxss tool from Github, and use the following command.
sudo wget https://github.com/tomnomnom/hacks/archive/refs/heads/master.zip
Step 3: Unzip the downloaded .zip file, use the following command
sudo unzip master.zip
Step 4: A New Directory will be created named “hacks-master/kxss/ ” move in that directory using the following command.
cd hacks-master/kxss/
Step 5: Migrate to Go Modules using the below command:
sudo go env -w GO111MODULE=auto
Step 6: Now we need to Build the Tool by executing the following command.
sudo go build
Step 7: Copy the Kxss tool in the bin directory so we can easily use the tool without running the tool manually by Golang, use the following command.
sudo cp /root/go/bin/kxss /usr/local/go/bin/
Kxss – Tool to to Identify XSS Vulnerable Parameters / Patterns
Cross-site scripting is a common vulnerability and bug, which is the trending vulnerability identified in most web-based applications. The attacker injects some malicious popup javascript code in input parameters or sometimes through file uploads. So periodically, website designers or developers validate the input fields by encoding and validating the provided input by the user. So Kxss tool comes into focus for this identification. Kxss tool is a Golang language-based tool that finds the vulnerable parameters and patterns in the target domain URL. So if you get a positive result, you can make your XSS payload or use a strong XSS payload wordlist to hit and try XSS vulnerability on the target domain.