Learn how to automate the process of XSS for bug bounties and profit.


Hi everyone! In this article, I am going to show you one more method of automating XSS for bug bounties. Automation plays a very important role in the bug bounties as well as cybersecurity field as it basically automates the boring as well as some amazing stuffs for us. In this bug bounty automation series, I am going to show you how to automate the process of finding cross site scripting for bug bounties. I have crafted a very simple tool that basically uses GAU and KXSS to extract the URLS and test dangerous characters.

Cross Site Scripting is a web application vulnerability that allows an attacker to inject their own JavaScript code in the vulnerable page. By executing JavaScript, the attackers can basically control the whole structure of the webpage. Some of the most common impacts of xss are:

  • Cookie Stealing.
  • URL Redirection.
  • Webpage Manipulation

and many others. You can read more about cross site scripting over here.

Want to learn account takeover vulnerability practically? If yes, then checkout our account takeover labs:


  1. Download the file from here.

2. Install “unrar” by the following command: “sudo apt install unrar”.

3. Type “unrar e xss” in the terminal.

4. In kali terminal, Type “bash install.sh”.

5. After installation, we can use the automation tool with ease.




I hope you understood how we can automate xss for bug bounties. If you have any doubts or issues then please let me know in the comment section.

Join our telegram channel over here

Subscribe to your YouTube channel over here