Skip to content
/ postBasedXSS Public
forked from hoodoer/postBasedXSS

Demo of various ways to exploit post based reflected XSS

License

Unlicense license
1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

a6thmfsin/postBasedXSS

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
src
src
 
 
static
static
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
postXssServer.py
postXssServer.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

postBasedXSS

Demo/lab of some ways to practically exploit post based reflected XSS

Requirements: flask

Install requirements with: pip install -r requirements.txt

Run the server with: python postXssServer.py

In your browser (preferably configured to proxy through Burp) navigate to: http://localhost:80

Demos ways to exploit POST based reflected XSS

  • Method Tampering
  • CSRF
  • Spoofed JSON CSRF Attack

@hoodoer

Drew.Kirkpatrick@TrustedSec.com

About

Demo of various ways to exploit post based reflected XSS

Resources

Readme

License

Unlicense license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%