No description, website, or topics provided.
JavaScript Lua
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
lib massive initial commit Feb 27, 2013
public
routes
scripts delete Dead Drop lua script Apr 18, 2013
views
.gitignore massive initial commit Feb 27, 2013
.jshintignore massive initial commit Feb 27, 2013
.jshintrc
README.md
evilheaders.js
package.json massive initial commit Feb 27, 2013
server.js massive initial commit Feb 27, 2013

README.md

xss.io

by Adam Baldwin ver something.something.alpha

Features / About

xss.io is a cross-site scripting (xss) convenience toolkit. It's purpose is to help ease exploitation of xss vulnerabilities.

  • Create and utilize a library of reusable code snippets
  • Quickly create exploit payloads by dragging and dropping snippets
  • Use Referer based redirects to save precious payload space
  • Create and Monitor unique payload drops for blind xss exploitation

Installation

  1. Install Redis 2.6 (required for LUA scripting)
  2. Install node.js >= 0.8.4
  3. git clone git@github.com:evilpacket/xss.io.git
  4. cd xss.io
  5. npm install .
  6. Setup a twitter app id (for authentication) [somebody should add local auth ;)]
  7. Fight with bugs and steps I forgot to include here

Firefox Plugin

https://addons.mozilla.org/en-US/firefox/addon/xssio-deaddrop/

Architecture

xss.io currently runs using node.js and Redis. It's goal is to be always on and fast.

Warning

Chances are there is something missing that will prevent this for working right for you. Sorry about that. Just drop an issue or pull request and I'll get to it someday.

Other Contributors

Design by Adam Brault

License

MIT

xss.io - Copyright (C) 2012 Adam Baldwin