XSS hunter ported on cloudflare serverless workers ! This script serves JS payloads from cloudflare workers and redirects the incoming callbacks to telegram. (Telegram bot token is not exposed to victims) It generates blind XSS reports that looks like this.
- Login to your cloudflare account and create a serverless worker.
- Replace the
ChatIDvalues inside the
- Paste the
index.jscontents into the cloudflare worker script editor.
Save and Deploy. All done !
Here is an example blind XSS payload.