Search the Community
Showing results for tags 'ezxss'.
-
Features Easy to use dashboard with settings, statistics, payloads, view/share/search reports Unlimited users with permissions to personal payloads & their reports Instant alerts via mail, Telegram, Slack, Discord or custom callback URL Custom javascript payloads Custom payload links to distinguish insert points Extract additional pages, block, whitelist and other filters Secure your login with Two-factor (2FA) The following information can be collected on a vulnerable page: The URL of the page IP Address Any page referer (or share referer) The User-Agent All Non-HTTP-Only Cookies All Locale Storage All Session Storage Full HTML DOM source of the page Page origin Time of execution Payload URL Screenshot of the page Extract additional defined pages much much more, and, its just ez 🙂 Required Server or hosting with PHP 7.1 or up Domain name (consider a short one) SSL Certificate to test on https websites (consider Cloudflare or Let's Encrypt for a free SSL) ezXSS v4.0 Latest I am excited to announce the release of ezXSS v4.0, a major update to the XSS tool. This version includes at least the following new features and improvements: Completely re-coded, resulting in clean, readable code that is easy to understand and maintain Multi-user setup that allows for roles and payload separation Alerts via Slack and Discord in addition to existing support for email and Telegram Redesigned pages and fixed styling bugs More statistics on the dashboards Improved reports view and search Ability to render collected DOM pages Lots of smaller bug fixes and much much more amazing things! It is highly recommended to update to ezXSS v4.0, as version 3.x will no longer be supported due to its old codebase. If you are currently running an older version of ezXSS, please make sure to first update to version >3.10 before upgrading to v4.0. Also, after updating, the default username will be "admin". Thank you for your continued support and I hope you enjoy using the new and improved ezXSS v4.0! [hide][Hidden Content]]
-
ezXSS is an easy way to test (blind) Cross-Site Scripting. Current features Easy to use dashboard with statics, payloads, view/share/search reports and more Payload generator Instant email alert on the payload Custom javascript for extra testing Prevent double payloads from saving or alerting Share reports with other ezXSS users Easily manage and view reports in the system Search for reports in no time Secure your system account with extra protection (2FA) The following information is collected on a vulnerable page: The URL of the page IP Address Any page referer (or share referer) The User-Agent All Non-HTTP-Only Cookies Full HTML DOM source of the page Page origin Time of execution its just ez 🙂 Changelog v3.6 In order to update ezXSS 3.x to 3.6 you need to rename config.ini.example to config.ini and fill in your database information. Your database information is no longer stored in the Database.php. Changelog: Fixed #56, bug on deleting reports on page 2 or up Fixed and added #55, custom send mail from Added config file Renamed some things Fixed some other small bugs [hide][Hidden Content]]
-
ezXSS ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting. Current features Some features ezXSS has Easy to use dashboard with statics, payloads, view/share/search reports and more Payload generator Instant email alert on payload Custom javascript payload Enable/Disable screenshots Prevent double payloads from saving or alerting Block domains Share reports with a direct link or with other ezXSS users Easily manage and view reports in the dashboard Secure your login with extra protection (2FA) The following information is collected on a vulnerable page: The URL of the page IP Address Any page referer (or share referer) The User-Agent All Non-HTTP-Only Cookies All Locale Storage All Session Storage Full HTML DOM source of the page Page origin Time of execution Screenshot of the page its just ez 🙂 Required A host with PHP 7.1 or up A domain name (consider a short one) An SSL if you want to test on https websites (consider Cloudflare or Let's Encrypt for a free SSL) Installation ezXSS is ez to install Clone the repository and put the files in the document root Create an empty database and provide your database information in 'src/Database.php' Visit /manage/install in your browser and setup a password and email Done! That was ez right? Demo [Hidden Content] Download [hide][Hidden Content]]