Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/darklotuskdb/SSTI-XSS-Finder
XSS Finder Via SSTI
https://github.com/darklotuskdb/SSTI-XSS-Finder
bug bugbounty bugbounty-tool bugbountytips dorks hacking ssti tool vulnerability xss
Last synced: 21 days ago
JSON representation
XSS Finder Via SSTI
- Host: GitHub
- URL: https://github.com/darklotuskdb/SSTI-XSS-Finder
- Owner: darklotuskdb
- License: gpl-3.0
- Created: 2021-01-25T07:57:34.000Z (almost 4 years ago)
- Default Branch: main
- Last Pushed: 2023-09-14T20:07:26.000Z (about 1 year ago)
- Last Synced: 2024-08-05T17:45:34.542Z (4 months ago)
- Topics: bug, bugbounty, bugbounty-tool, bugbountytips, dorks, hacking, ssti, tool, vulnerability, xss
- Language: Shell
- Homepage:
- Size: 28.3 KB
- Stars: 54
- Watchers: 3
- Forks: 14
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - darklotuskdb/SSTI-XSS-Finder - XSS Finder Via SSTI (Shell)
README
# Server Side Template Injection(SSTI) - XSS Finder
This tool will grap all target subdomains from shodan that are using AsgularJS Technology and in output it will provide us with XSS payload related to AngularJS version of that subdomain.## Prerequisites
```
1. npm i -g wappalyzer
2. pip install -U setuptools
3. pip install shodan
4. shodan init YOUR_API_KEY
``````
git clone https://github.com/darklotuskdb/ssti-xss-finder.git && cd ssti-xss-finder && chmod +x *.sh
```## Usage
Linux```
./SSTI-XSS-Finder.sh like org:target | hostname:target.com | net:127.0.0.1
```## Screenshot
![sstixss](https://user-images.githubusercontent.com/29382875/105679509-92b12680-5f14-11eb-9eab-441dc2c8d16d.png)## Reference
* https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/XSS%20Injection/XSS%20in%20Angular.md## Donation
[BuyMeACoffee](https://www.buymeacoffee.com/darklotus) If you like my work## About Me
* **DarkLotus** - *Cyber Security Researcher* - [DarkLotusKDB](https://darklotuskdb.github.io/KDBhati/)
### Social Media Handles
* [Twitter](https://twitter.com/darklotuskdb)
* [Medium](https://darklotus.medium.com/)
* [Linkedin](https://www.linkedin.com/in/kamaldeepbhati/)
* [Instagram](https://www.instagram.com/kamaldeepbhati/)