Metadata-Attacker is a open source pentesting tools you’re able to create an image (.jpg), audio (.mp3) or video (.mp4) file containing your custom metadata or a set of cross-site scripting vectors to test any webservice against possible XSS vulnerabilities when displaying unfiltered meta data.
Metadata-Attacker Installation / Usage
- First install docker on your host system.
- Now you can simply run the following command:
sudo docker run -p 80:80 --rm lednerb/metadata-attacker
- When finished open your favorite browser and switch to the docker ip or http://localhost