Metadata-Attacker is a open source pentesting tools you’re able to create an image (.jpg), audio (.mp3) or video (.mp4) file containing your custom metadata or a set of cross-site scripting vectors to test any webservice against possible XSS vulnerabilities when displaying unfiltered meta data.

Metadata-Attacker Installation / Usage

  • First install docker on your host system.
  • Now you can simply run the following command:

sudo docker run -p 80:80 --rm lednerb/metadata-attacker

  • When finished open your favorite browser and switch to the docker ip or http://localhost

Also ReadDocker Tor Hidden Service Nginx – Easily Setup A Hidden Service Inside The Tor Network

Credit: @mniemietz,@derctwr,@Lednerb