https://github.com/dmdhrumilmistry/xss-data-harvestor
Hijack Cookies by exploting XSS vulnerable applications
https://github.com/dmdhrumilmistry/xss-data-harvestor
cookie-hijack flask flask-api flask-sqlalchemy python3 xss xss-exploitation xss-vulnerability
Last synced: 5 months ago
JSON representation
Hijack Cookies by exploting XSS vulnerable applications
- Host: GitHub
- URL: https://github.com/dmdhrumilmistry/xss-data-harvestor
- Owner: dmdhrumilmistry
- Created: 2022-08-09T10:12:55.000Z (almost 4 years ago)
- Default Branch: main
- Last Pushed: 2022-08-20T19:12:05.000Z (almost 4 years ago)
- Last Synced: 2025-04-23T00:43:47.013Z (about 1 year ago)
- Topics: cookie-hijack, flask, flask-api, flask-sqlalchemy, python3, xss, xss-exploitation, xss-vulnerability
- Language: Python
- Homepage:
- Size: 10.7 KB
- Stars: 4
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# XSS-Data-Harvestor
Harvest data from XSS vulnerabilites to XSS-Data-Harvestor API
Example: Hijack Cookies by exploting XSS vulnerable applications to dump and retreive data over the internet using ssh tunelling or on hosted platform.
## Installation
- Install [Python](https://python.org/)
- Install requirements
```bash
python -m pip install -r requirements.txt
```
## Start Applications
- using flask
```bash
python app.py # debug mode
```
- Using gunicorn wsgi
```bash
gunicorn wsgi:app --bind 0.0.0.0:5000
```
## Endpoints
| Endpoint | Methods | Description |
| :------------------: | :-------: | :----------------------------------------------------------------- |
| /api/ | \* | API home |
| /api/hacked | GET, POST | accepts hacked data in json/form data format or from url parameter |
| /api/get_hacked_data | GET | returns hacked data in json format |