Skip to content

dmdhrumilmistry/XSS-Data-Harvestor

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
app.py
app.py
 
 
config.json
config.json
 
 
model.py
model.py
 
 
requirements.txt
requirements.txt
 
 
wsgi.py
wsgi.py
 
 

Repository files navigation

XSS-Data-Harvestor

Harvest data from XSS vulnerabilites to XSS-Data-Harvestor API

Example: Hijack Cookies by exploting XSS vulnerable applications to dump and retreive data over the internet using ssh tunelling or on hosted platform.

Installation

  • Install Python

  • Install requirements

    python -m pip install -r requirements.txt

Start Applications

  • using flask

    python app.py # debug mode

  • Using gunicorn wsgi

    gunicorn wsgi:app --bind 0.0.0.0:5000

Endpoints

Endpoint Methods Description
/api/ * API home
/api/hacked GET, POST accepts hacked data in json/form data format or from url parameter
/api/get_hacked_data GET returns hacked data in json format

About

Hijack Cookies by exploting XSS vulnerable applications

Topics

flask xss python3 xss-vulnerability flask-api xss-exploitation flask-sqlalchemy cookie-hijack

Resources

Readme
Activity

Stars

4 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages