Server Side Template Injection(SSTI) - XSS Finder

This tool will grap all target subdomains from shodan that are using AsgularJS Technology and in output it will provide us with XSS payload related to AngularJS version of that subdomain.

Prerequisites

1. npm i -g wappalyzer
2. pip install -U setuptools
3. pip install shodan
4. shodan init YOUR_API_KEY

git clone https://github.com/darklotuskdb/ssti-xss-finder.git && cd ssti-xss-finder && chmod +x *.sh

Usage

Linux

./SSTI-XSS-Finder.sh <Shodan-Dork>  like  org:target | hostname:target.com | net:127.0.0.1

Screenshot

Reference

https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/XSS%20Injection/XSS%20in%20Angular.md

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
LICENSE		LICENSE
Payloads.txt		Payloads.txt
README.md		README.md
SSTI-XSS-Finder.sh		SSTI-XSS-Finder.sh
update.sh		update.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

LICENSE

LICENSE

Payloads.txt

Payloads.txt

README.md

README.md

SSTI-XSS-Finder.sh

SSTI-XSS-Finder.sh

update.sh

update.sh

Repository files navigation

Server Side Template Injection(SSTI) - XSS Finder

Prerequisites

Usage

Screenshot

Reference

Donation

About Me

Social Media Handles

About

Releases

Packages

Languages

License

darklotuskdb/SSTI-XSS-Finder

Folders and files

Latest commit

History

Repository files navigation

Server Side Template Injection(SSTI) - XSS Finder

Prerequisites

Usage

Screenshot

Reference

Donation

About Me

Social Media Handles

About

Topics

Resources

License

Stars

Watchers

Forks

Languages