please make a video on how to install katana in windows
It's great seeing people moving to WSL: all in one, no external software required
Nice tools. 🎉
Great 😊 working 😍
fantastic
Amazing ♨️
Hi, this is a very nice tool. My request: if any special characters are identified by the tool as reflecting in the response, will this tool be able to generate the XSS payloads based on the identified special characters? If not, try to bring this to the tool. This will be a great help.
I see your videos a lot about automation. Can you make a methodology video about how to do manuel testing & tips? TBH I found 4 XSS in VDP: 2 duplicates with automation & 2 valid with manuel testing
Is Manuel ok with him being tested?
@ptyspawnbinbashbro 💀💀💀
What about a SQL one? Will you soon release it? (Blind SQL) test for all parameters
awesome bro
Good job
This tool looks to be great for most of the WP websites; however, do you have something for websites post-login?
@BePracticalTech do the current payloads include WAF bypass?
Great video man! Thanks a lot, but I have a question: this tool checks only the URLs which are accessible without login. That means we have pages or modules which are hidden until we log in; how do we use this tool after successful login, when the real module testing takes place? Please suggest. I have been looking for different automation for XSS but all of them only work for open pages and not after login, or maybe I don't know how to use them after login. Once again thanks for your efforts.
Any suggestions here ?
Great video, but after finding XSS vulns, teach how to exploit them pls.
Hi,
can you help me with this issue please?
-uThe system cannot find the file specified.
Command 'cat res.txt | grep '=' | sort -u' returned non-zero exit status 1.
It's a problem because this tool only runs on Linux,
I use Windows 11 and cmd does not support the cat command.
I installed the Ubuntu subsystem and executed it in bash and it worked successfully :)
@BePracticalTech
" is reflecting but didn't produce a payload; instead it shows connection reset continuously... why? I injected a basic XSS payload, but there is no response in Burp Suite Repeater. Why?
@BePracticalTech email sent
Katana not found, what do I do?
Can you help me bro? It says ' is reflecting in the response
but when I try to use a payload it says access denied. What should I do? Could you please help me?
@BePracticalTech Same as my problem sir ...
WAF is blocking the payload
No, it doesn't @BePracticalTech
Bro, please help. At least tell me I won't get caught, right??
So the file has to be named katana.txt always? And to scan a single URL, do we have to give parameters?
Yes, you do need to provide the URL containing the parameter, e.g. testphp.vulnweb.com/index.php?name=batman
Katana is not working
No command katana found, did you mean:
Command botan3 in package botan3
Command cantata in package cantata from the x11-repo repository
You need to install katana from github
@BePracticalTech Now it's working 🫶. Take love 🖤 from Bangladesh 🇧🇩
Another thing, I tried the tool and it gave me a list of URLs which says
[+] > is reflecting in the response
[+] ' is reflecting in the response
[+] " is reflecting in the response
[+] < is reflecting in the response
[+] / is reflecting in the response
[+] Testing parameter name:
but when I tried it with the payload which it says, I was not able to see XSS on the website. Any suggestions?
@BePracticalTech
@BePracticalTech yep! Not reflecting, so basically the portal is auto-encoding it.
@BePracticalTech thank you man!
Respect bro
Can you make a video on file upload in details
Payloads are not shown
Can you add a -proxy option please? It will be a beast, thank you
Will it be able to bypass WAF?
Please, is it possible to provide the katana.txt file?
Is xss_vibes an offline or online attack? Like, does it create any traffic while running?
Great lesson!
Why don't you run on Linux?
Xss vibes tool is not working
Is it just for reflected XSS?
Currently yes
Katana command not found bro
Same
Same here ayy
He is not replying to anyone but only liking ur comments... hahaha
Cuz it's obvious. You need to install tools before eventually using them lol.
king
It's not a new tool man, this is just xss strike 🙄🙄🙄🙄
:)
How to generate a payload? >, ', ", / are reflecting. Is there any website to generate one?
Brother, can I get your Telegram username? I want to talk about something, thank you