{"id":13437496,"url":"https://github.com/evilcos/xssor2","last_synced_at":"2025-06-14T19:03:39.383Z","repository":{"id":41128740,"uuid":"95342894","full_name":"evilcos/xssor2","owner":"evilcos","description":"XSS'OR - Hack with JavaScript.","archived":false,"fork":false,"pushed_at":"2021-12-12T09:58:05.000Z","size":875,"stargazers_count":2151,"open_issues_count":2,"forks_count":383,"subscribers_count":94,"default_branch":"master","last_synced_at":"2025-02-15T00:53:50.887Z","etag":null,"topics":["csrf","encoding","hack","hacking-tool","pentest","pentest-tool","probe","xss"],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/evilcos.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-06-25T06:32:10.000Z","updated_at":"2025-02-14T14:28:26.000Z","dependencies_parsed_at":"2022-08-10T01:35:39.604Z","dependency_job_id":null,"html_url":"https://github.com/evilcos/xssor2","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/evilcos%2Fxssor2","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/evilcos%2Fxssor2/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/evilcos%2Fxssor2/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/evilcos%2Fxssor2/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/evilcos","download_url":"https://codeload.github.com/evilcos/xssor2/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240075508,"owners_count":19744091,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["csrf","encoding","hack","hacking-tool","pentest","pentest-tool","probe","xss"],"created_at":"2024-07-31T03:00:57.717Z","updated_at":"2025-02-21T19:31:15.090Z","avatar_url":"https://github.com/evilcos.png","language":"JavaScript","funding_links":[],"categories":["JavaScript","Tools","\u003ca id=\"683b645c2162a1fce5f24ac2abfa1973\"\u003e\u003c/a\u003e漏洞\u0026\u0026漏洞管理\u0026\u0026漏洞发现/挖掘\u0026\u0026漏洞开发\u0026\u0026漏洞利用\u0026\u0026Fuzzing","Exploitation","Weapons","JavaScript (485)"],"sub_categories":["Offensive","\u003ca id=\"5d7191f01544a12bdaf1315c3e986dff\"\u003e\u003c/a\u003eXSS\u0026\u0026XXE","XSS Injection","Tools"],"readme":"# XSS'OR\nXSS'OR - Hack with JavaScript.\n\n## ONLINE\nYou can have a try:\n\nhttps://xssor.io and http://xssor.io/\n\nIt contains three major modules: Encode/Decode, Codz, Probe.\n\n## INSTALL\n\nPython 3 with Django 3.0.* or Python 2 with Django 1.11.*\n\n* git clone https://github.com/evilcos/xssor2 or download directly\n* cd xssor2\n* modify xssor/payload/probe.js\n```javascript\nxssor.cmd_url = location.protocol + '//xssor.io/cmd'; // replace xssor.io to your domain or ip address\n```\n* pip3/pip install -r requirement.txt\n* python3/python manage.py runserver 0.0.0.0:8000\n\nBrowser http://[yourip]:8000 to enjoy.\n\nIf you want to deploy it with Nginx, you can use uWSGI.\n\nIf you want to delete probe automatically, you can use crontab to this script file(xssor/probeclear.py).\n\nTry it by yourself.\n\n## DOCKER\n\nYou can build this project with docker\n\n```bash\ndocker build -t xssor:latest .\n```\n\nRun the app with\n\n```bash\ndocker run -d -p [port]:8000 xssor:latest [probe domain or ip]\n```\n\n\n\n## CHANGELOG\n\n```\nUPDATE: 2020/07/28\n\n*. Increase support for docker.\n\nUPDATE: 2020/02/05\n\n*. Compatible with Python 2 and Python 3.\n*. Compatible with Django 1.11.* and Django 3.0.*.\n*. Fix some bugs.\n\nUPDATE: 2018/07/29\n\n*. Compatible with HTTP and HTTPS.\n\nUPDATE: 2017/09/23\n\n*. Upgrade JS BEAURIFY.\n*. Fix PACKER/UNPACKER error bug.\n\nUPDATE: 2017/08/20\n\n*. Increase support for mobile more friendly.\n\nUPDATE: 2017/08/13\n\n*. Fix Probe bug to file:// protocol.\n*. Fix Probe bug in mobile app while without cookie.\n*. Improve Probe Status.\n\nUPDATE: 2017/05/07\n\n*. Encode/Decode, enhanced.\n*. Codz, enhanced.\n*. Probe, free to try.\n*. Complete rewriting with Python, Django, Bootstrap, jQuery, ...\n*. Independent domain: xssor.io.\n```\n\nBE EVIL, DON'T BE BAD.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fevilcos%2Fxssor2","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fevilcos%2Fxssor2","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fevilcos%2Fxssor2/lists"}