Welcome to Selenium Oxide’s documentation!

Contents:

• Installation
  • Unix/macOS
  • Windows
  • Getting Started
• First Strike
  • Cracking Juice Shop Admin
  • A Note on XPaths
  • Stealthy Exploitation
• API
  • Class ExploitBuilder
  • Class SelectBy
  • Class SeO2User

Selenium Oxide is a web exploitation automation framework designed around the needs of penetration testers and attack/defense CTF players alike! When Requests isn’t enough, or if you don’t want to worry about spoofing headers, this is an excellent alternative!

The module offers a slimmer API than standard Selenium, and has multiple handy features, such as:

• Stealth functionality

• Builder pattern exploit writing

• Automatic browser binary configuration

• Cookie dumping

• Flexible selection options (XPath, ID, CSS, etc.)

• Alert waiting

• Proxy support

Planned features include:

• Payload generation

• Selenium IDE file support

• More as suggested or encountered in field testing

Why the Name?

When making this module I initially struggled with what to call it. I happened to look at another module, named Selenium Wire, and decided yeah, you know what, using Selenium in the name is fair game. Selenium Oxide sounded cool, and when I looked up information on the chemical it read that it was at least somewhat dangerous.

A dangerous version of Selenium. Checks out for an offsec platform.