notification.js
// SendGrid mail client, used for the e-mail notification.
const sendgrid = require('@sendgrid/mail')
// HTTP client used to POST to the webhook endpoints.
const fetch = require('node-fetch');
// The SendGrid API key is read from the environment when this module loads,
// so the credential itself is not stored in this file.
sendgrid.setApiKey(process.env.SENDGRID_API_KEY)
// Template engine that renders the HTML e-mail body.
const mustache = require('mustache');
const fs = require('fs');
// Read once, synchronously, when the module is first required. The path is
// relative, so Node resolves it against the process working directory rather
// than this file's directory; a missing file makes the require itself throw.
const XSS_PAYLOAD_FIRE_EMAIL_TEMPLATE = fs.readFileSync(
  './templates/xss_email_template.htm',
  'utf8'
);
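/**
 * E-mail an XSS payload-fire report through SendGrid.
 *
 * The HTML body is rendered with mustache from XSS_PAYLOAD_FIRE_EMAIL_TEMPLATE,
 * using the whole fire record as the view. The subject names the URL the
 * payload fired on, or a fixed phrase when the record is encrypted.
 *
 * @param {Object} xss_payload_fire_data - Payload-fire record; `url` and
 *   `encrypted` are read here, and the full object is passed to the template.
 * @param {string} email - Recipient address.
 * @returns {Promise<boolean>} true once SendGrid accepted the message, false
 *   when the send failed (the error is logged, not rethrown).
 */
async function send_email_notification(xss_payload_fire_data, email) {
  // mustache HTML-escapes {{name}} tags but inserts {{{name}}} / {{&name}} raw.
  // NOTE(review): the template is not visible here; confirm it uses only the
  // escaping form for fields reported by the page where the payload ran.
  const notification_html_email_body = mustache.render(
    XSS_PAYLOAD_FIRE_EMAIL_TEMPLATE,
    xss_payload_fire_data
  );
  const fire_location = (!xss_payload_fire_data.encrypted ? xss_payload_fire_data.url : 'With An Encryption Key');
  // The variable name is misspelled ("UNSUBSRIBE") but is kept as-is: it is the
  // name existing deployments set. Parse once, with an explicit radix.
  const unsubscribe_group_id = parseInt(process.env.SENDGRID_UNSUBSRIBE_GROUP_ID, 10);
  const msg = {
    from: process.env.EMAIL_FROM,
    to: email,
    subject: `[XSS Hunter Express] XSS Payload Fired On ${fire_location}`,
    text: "Only HTML reports are available, please use an email client which supports this.",
    html: notification_html_email_body,
    asm: {
      groupId: unsubscribe_group_id,
      groupsToDisplay: [
        unsubscribe_group_id
      ]
    },
  };
  // `response` is a local binding: the previous implicit global was shared by
  // concurrent calls and is a ReferenceError in strict mode.
  let response;
  try {
    response = await sendgrid.send(msg);
  } catch (error) {
    // A failed send used to fall through to `response[0]` on undefined and
    // surface as an unrelated TypeError; report the real error and stop here.
    console.error(error);
    return false;
  }
  console.debug("Message emailed with status %d", response[0].statusCode);
  return true;
}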
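/**
 * Post a short "XSS triggered" message to a Discord webhook.
 *
 * The request is fire-and-forget: the function does not wait for Discord's
 * answer, but a failed or rejected request is logged instead of being left as
 * an unhandled promise rejection.
 *
 * @param {Object} xss_payload_fire_data - Payload-fire record; `url` and
 *   `encrypted` are read.
 * @param {string} discord_webhook - Discord webhook URL to POST to.
 * @returns {Promise<boolean>} always true; delivery is not confirmed.
 */
async function send_discord_notification(xss_payload_fire_data, discord_webhook) {
  const fire_location = (!xss_payload_fire_data.encrypted ? xss_payload_fire_data.url : 'With An Encryption Key');
  fetch(
    discord_webhook,
    {
      method: 'post',
      headers: {
        'Content-Type': 'application/json',
      },
      body: JSON.stringify({
        username: 'XSS Hunter',
        content: `XSS triggered on ${fire_location}`,
        // fire_location is presumably reported by the page where the payload
        // ran, so it is untrusted text: disable mention parsing so a crafted
        // URL cannot ping @everyone or individual users in the channel.
        allowed_mentions: { parse: [] },
      }),
    }
  )
    .then((response) => {
      if (!response.ok) {
        console.error("Discord notification rejected with status %d", response.status);
      }
    })
    .catch((error) => {
      // Log only a short reason: fetch error messages can embed the request
      // URL, and a webhook URL is itself a credential.
      console.error("Discord notification failed: %s", error.code || error.name);
    });
  return true;
}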
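/**
 * Post a short "XSS triggered" message to a Slack incoming webhook.
 *
 * The request is fire-and-forget: the function does not wait for Slack's
 * answer, but a failed or rejected request is logged instead of being left as
 * an unhandled promise rejection.
 *
 * @param {Object} xss_payload_fire_data - Payload-fire record; `url` and
 *   `encrypted` are read.
 * @param {string} slack_webhook - Slack webhook URL to POST to.
 * @returns {Promise<boolean>} always true; delivery is not confirmed.
 */
async function send_slack_notification(xss_payload_fire_data, slack_webhook) {
  const fire_location = (!xss_payload_fire_data.encrypted ? xss_payload_fire_data.url : 'With An Encryption Key');
  // NOTE(review): fire_location is placed into the message text unescaped.
  // Slack gives `&`, `<` and `>` special meaning in message text, so escaping
  // them is worth considering if this value can be influenced by the page.
  fetch(
    slack_webhook,
    {
      method: 'post',
      headers: {
        'Content-Type': 'application/json',
      },
      body: JSON.stringify({
        text: `XSS triggered on ${fire_location}`,
      }),
    }
  )
    .then((response) => {
      if (!response.ok) {
        console.error("Slack notification rejected with status %d", response.status);
      }
    })
    .catch((error) => {
      // Log only a short reason: fetch error messages can embed the request
      // URL, and a webhook URL is itself a credential.
      console.error("Slack notification failed: %s", error.code || error.name);
    });
  return true;
}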
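/**
 * Post a short "XSS triggered" message to an operator-supplied webhook.
 *
 * The request is fire-and-forget: the function does not wait for the
 * endpoint's answer, but a failed or rejected request is logged instead of
 * being left as an unhandled promise rejection.
 *
 * @param {Object} xss_payload_fire_data - Payload-fire record; `url` and
 *   `encrypted` are read.
 * @param {string} custom_webhook - URL to POST the JSON notification to.
 * @returns {Promise<boolean>} always true; delivery is not confirmed.
 */
async function send_custom_notification(xss_payload_fire_data, custom_webhook) {
  const fire_location = (!xss_payload_fire_data.encrypted ? xss_payload_fire_data.url : 'With An Encryption Key');
  // NOTE(review): custom_webhook is requested from the server exactly as
  // given. Where it comes from is not visible here; confirm the caller limits
  // who can set it and which schemes/hosts are accepted.
  fetch(
    custom_webhook,
    {
      method: 'post',
      headers: {
        'Content-Type': 'application/json',
      },
      body: JSON.stringify({
        sender: 'XSS Hunter',
        content: `XSS triggered on ${fire_location}`,
      }),
    }
  )
    .then((response) => {
      if (!response.ok) {
        console.error("Custom notification rejected with status %d", response.status);
      }
    })
    .catch((error) => {
      // Log only a short reason: fetch error messages can embed the request
      // URL, which may carry a secret token.
      console.error("Custom notification failed: %s", error.code || error.name);
    });
  return true;
}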
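/**
 * Post a short "XSS triggered" message to a Telegram chat.
 *
 * The request is fire-and-forget: the function does not wait for Telegram's
 * answer, but a failed or rejected request is logged instead of being left as
 * an unhandled promise rejection.
 *
 * @param {Object} xss_payload_fire_data - Payload-fire record; `url` and
 *   `encrypted` are read.
 * @param {string} telegram_webhook - URL to POST the message to.
 * @param {string|number} telegram_chat_id - Sent as `chat_id` in the body.
 * @returns {Promise<boolean>} always true; delivery is not confirmed.
 */
async function send_telegram_notification(xss_payload_fire_data, telegram_webhook, telegram_chat_id) {
  const fire_location = (!xss_payload_fire_data.encrypted ? xss_payload_fire_data.url : 'With An Encryption Key');
  fetch(
    telegram_webhook,
    {
      method: 'post',
      headers: {
        'Content-Type': 'application/json',
      },
      body: JSON.stringify({
        chat_id: telegram_chat_id,
        text: `XSS triggered on ${fire_location}`,
      }),
    }
  )
    .then((response) => {
      if (!response.ok) {
        console.error("Telegram notification rejected with status %d", response.status);
      }
    })
    .catch((error) => {
      // Log only a short reason: fetch error messages can embed the request
      // URL, and for Telegram that URL typically contains the bot token.
      console.error("Telegram notification failed: %s", error.code || error.name);
    });
  return true;
}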
// Public surface of this module: one sender per notification channel.
module.exports = {
  send_email_notification: send_email_notification,
  send_discord_notification: send_discord_notification,
  send_slack_notification: send_slack_notification,
  send_custom_notification: send_custom_notification,
  send_telegram_notification: send_telegram_notification,
};