How to find mass HTML Injection & XSS (easy way)

Hello, I am a bug bounty hunter, and today I'm gonna show you an easy way to find HTML injection and XSS. It works like an automatic scanner.

DISCLAIMER: This is for educational purposes only

First, you need these tools:

gau, which makes it easier to crawl websites for parameters such as ( php?id= )

aquatone, which screenshots all the websites you crawled with gau

httpx, which checks the responses of your web list ( 200 OK, 404 Not Found, etc. )

After you've downloaded these tools, you can start hunting.

Take the txt file you got from gau and run the following command:

cat yourfile.txt | grep '?id=' | sed 's/=.*/=/' > html-test.txt

( You can also grep for other parameters that contain = . )

Then edit html-test.txt with gedit or any other text editor ( but not in the terminal ) and replace ?id= ( or whichever parameter you got ) with ?id={html injection code with photo}. Then scan with httpx for status codes, or scan directly with aquatone to screenshot every site in your list and check for vulnerable ones.

The screenshots are saved in a folder named Screenshots inside the folder where your terminal is located. Open it and look for the photo: if the photo is there, your code has been injected, and these websites could also be vulnerable to XSS.

You can use my test photo payload to get the same result as me in the aquatone screenshot.

Payload used for the photo:

"><img src="https://upload.wikimedia.org/wikipedia/commons/8/85/Logo-Test.png">
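
Why the photo appears in a screenshot, and what stops it, shown as an added example that is not part of the original post. The two render functions are hypothetical handlers that assume the id parameter is reflected into an HTML attribute; the parser then lists the elements a browser would build from each response.

```python
import html
from html.parser import HTMLParser

# Test payload from the article (a harmless image used as a visible marker).
PAYLOAD = '"><img src="https://upload.wikimedia.org/wikipedia/commons/8/85/Logo-Test.png">'


def render_vulnerable(item_id: str) -> str:
    """Hypothetical handler: reflects ?id= into an attribute with no encoding."""
    return f'<form><input type="hidden" name="id" value="{item_id}"></form>'


def render_hardened(item_id: str) -> str:
    """Same page, with the value HTML-encoded for an attribute context."""
    safe = html.escape(item_id, quote=True)  # encodes & < > " and '
    return f'<form><input type="hidden" name="id" value="{safe}"></form>'


class TagCollector(HTMLParser):
    """Records every start tag, i.e. every element the markup creates."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))


def elements(markup: str):
    """Return (tag, attributes) pairs in document order."""
    collector = TagCollector()
    collector.feed(markup)
    collector.close()
    return collector.tags


def injected_images(markup: str):
    """The template has no <img>, so any <img> found came from the parameter."""
    return [attrs.get("src") for tag, attrs in elements(markup) if tag == "img"]


if __name__ == "__main__":
    for name, render in (("vulnerable", render_vulnerable),
                         ("hardened", render_hardened)):
        page = render(PAYLOAD)
        print(f"{name}: {page}")
        print(f"  injected <img> sources: {injected_images(page)}")
```

In the vulnerable response the leading "> closes the value attribute and the input tag, so the img becomes a real element; in the hardened response the whole payload stays inside the attribute value as text.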