By Brute Logic
Research & Development in Offensive Security.

 

Back to Top

State of the art in XSS Testing

CONFIDENCE BY DESIGN

KNOXSS has a high level of confidence by design. It has almost zero false positive rate (since it has to pop the alert box to prove vulnerability) and low false negative rate regarding its XSS coverage. Its extensive list of covered XSS cases also makes it the best option out there for this kind of vulnerability.
FEATURES
KNOXSS RULES_ KNOXSS RULES_

GAME CHANGER_

Test with the smartest JavaScript injections ever.

Superior Technology

KNOXSS detects and proves XSS flaws automatically with little to no effort of the user. Just feed KNOXSS with your target URL and it will pop an alert box if it's exploitable according to its dozens of XSS covered cases.

Community Acknowledgement

KNOXSS is online for 7 years already and it's responsible for several success cases with thousands of PoCs. From bug hunters to penetration testers, KNOXSS was used by more than 18k users throughout this time.

Outstanding support

KNOXSS service is able to offer fast technical support via X (former Twitter) chat sometimes in a matter of minutes. It's provided by knowledgeable people with experience and deep understanding of automated testing and Cross-Site Scripting.

GAME CHANGER_ GAME CHANGER_

FUTURE IS HERE_

Join the next revolution in offensive security tools.

Testimonials

"Via knoxss i found bypass for xss it work on 30 other parameters programs paid me 12000$'

Lu3ky13

Lu3ky13

Bug Hunter
Twitter

"I'm in love with this thing @KN0X55. This is the 8th unbelievable DOM XSS find by #knoxss. I'm damn sure it's impossible to find such vulnerabilities manually."

@nav1n0x

@nav1n0x

Bug Hunter
Twitter

"Found multiple cross site scripting on main domain using @KN0X55"

@Rohan_Lew

@Rohan_Lew

Bug Hunter
Twitter

"I was awarded a bounty for a reflected xss vulnerability 🙂 thanks @KN0X55 you made my day"

@14000i

@14000i

Bug Hunter
Twitter

"Huge shoutout to @KN0X55! Found some XSS vulns during the trial period, and one of them got me a bounty today. Thanks for the amazing tool!"

@0xPugal

@0xPugal

Bug Hunter
Twitter

"Multiple cross site scripting found on main domain using @KN0X55 $$$"

@shubhamtiwari_r

@shubhamtiwari_r

Bug Hunter
Twitter

They Say