Skip to content

darklotuskdb/SSTI-XSS-Finder

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
LICENSE
LICENSE
 
 
Payloads.txt
Payloads.txt
 
 
README.md
README.md
 
 
SSTI-XSS-Finder.sh
SSTI-XSS-Finder.sh
 
 
update.sh
update.sh
 
 

Repository files navigation

Server Side Template Injection(SSTI) - XSS Finder

This tool will grap all target subdomains from shodan that are using AsgularJS Technology and in output it will provide us with XSS payload related to AngularJS version of that subdomain.

Prerequisites

1. npm i -g wappalyzer
2. pip install -U setuptools
3. pip install shodan
4. shodan init YOUR_API_KEY

git clone https://github.com/darklotuskdb/ssti-xss-finder.git && cd ssti-xss-finder && chmod +x *.sh

Usage

Linux

./SSTI-XSS-Finder.sh <Shodan-Dork>  like  org:target | hostname:target.com | net:127.0.0.1

Screenshot

sstixss

Reference

Donation

BuyMeACoffee If you like my work

About Me

Social Media Handles

About

XSS Finder Via SSTI

Topics

tool bug hacking xss vulnerability bugbounty ssti dorks bugbountytips bugbounty-tool

Resources

Readme

License

GPL-3.0 license
Activity

Stars

53 stars

Watchers

3 watching

Forks

14 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages