Known Flash-based XSS and Content Spoofing Flaw Hunter

This will test for known and published xss vulnerabilities against the provided swf URL.
Payloads are mixture of XSS and content spoofing via user provided inputs.
If you see an alert box, arbitrary image set via attack payloads, then your swf or url that contains swf file is vulnerable.
For some payloads, you have to click the link shown in flash file to verify whether it's vulnerable or not. This will open new attack windows at defined interval (default: 5 seconds)
Disable popup blocker and anti-XSS protection while testing.


Time in second:
SWF URL:

   

Special Thanks to MustLive for his valuable inputs and suggestions.