Skip to content

darklotuskdb/SSTI-XSS-Finder

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Server Side Template Injection(SSTI) - XSS Finder

This tool will grap all target subdomains from shodan that are using AsgularJS Technology and in output it will provide us with XSS payload related to AngularJS version of that subdomain.

Prerequisites

1. npm i -g wappalyzer
2. pip install -U setuptools
3. pip install shodan
4. shodan init YOUR_API_KEY
git clone https://github.com/darklotuskdb/ssti-xss-finder.git && cd ssti-xss-finder && chmod +x *.sh

Usage

Linux

./SSTI-XSS-Finder.sh <Shodan-Dork>  like  org:target | hostname:target.com | net:127.0.0.1

Screenshot

sstixss

Reference

Donation

BuyMeACoffee If you like my work

About Me

Social Media Handles