Giter Club home page Giter Club logo

xss-receiver's Introduction

XSS Receiver

基于 Flask 的 xss 接收 + payload 管理平台,

主要功能:

  • 在特定路由上保存访问历史以及携带数据
  • 命中特定路由时发送邮件
  • 动态切换路由及其对应的 payload 文件
  • 管理、编辑 payload
  • Docker 快速部署

安装

  1. clone
git clone https://github.com/rmb122/xss-receiver.git
  1. 安装

修改 docker-compose.yml 里面的 environment 成想要的配置

  • URL_PREFIX 为管理面板的路径, 建议修改为不易猜出的路径, 例如 /e7ca70a07ec48cdc74c2217f55d08c383d37e62d
  • LOGIN_PASSWORD 为登录密码, 其他可以不用修改

然后

sudo docker-compose up -d

稍等一会等待数据库初始化即可.

注意:

  1. 快速开始

文件中新建或上传一个任意名字的文件, 之后在规则中设置一个进行记录的路由, 比如 /, 并将映射文件设为刚刚上传的文件.
然后访问网站根目录, 可以看到返回的是刚刚设置的文件, 并且记录了访问所携带的数据.

使用 Nginx 反代

如果想与其他网站共存, 可以采用 nginx 反代, 修改 docker-compose.yml 里的 BEHIND_PROXY 为 True, 然后将客户端 IP 通过 X-Real-IP 发给后端即可.
Nginx 配置可参考 docker/reverse_proxy.conf.

使用截图

xss-receiver's People

Contributors

rmb122 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.