Powerful Chromium Browser to find XSS Vulnerabilites automatically while browsing web, it can detect many case scenarios with support for POST requests too


Become root (sudo su)

Install Node.js and npm (https://www.npmjs.com/get-npm) or (sudo apt install npm)

Download this repo files or (git clone https://github.com/RenwaX23/XSSTRON)


npm install

npm start

Some users using Debian/Ubuntu might not able to run the tool as i think it’s an issue with Electron itself, you can continue using the app in Window/OSX and Linux installed on Windows. Check Known Issues


Just browse the web like a normal web browser then it will automatically look for XSS vulns in background and show them in a new window with POC

GET request POC

POST request POC

Known issues

Some users in certain linux distributions get into some problems try these

  "devDependencies": {
"electron": "^10"

Failed to serialize arguments is known issue and might be fixed soon 🙂

Thanks for

Download XSSTRON

Leave a Reply

Your email address will not be published. Required fields are marked *