Server Side Template Injection(SSTI) - XSS Finder

This tool will grap all target subdomains from shodan that are using AsgularJS Technology and in output it will provide us with XSS payload related to AngularJS version of that subdomain.

Prerequisites

1. npm i -g wappalyzer
2. pip install -U setuptools
3. pip install shodan
4. shodan init YOUR_API_KEY

git clone https://github.com/darklotuskdb/ssti-xss-finder.git && cd ssti-xss-finder && chmod +x *.sh

Usage

Linux

./SSTI-XSS-Finder.sh <Shodan-Dork>  like  org:target | hostname:target.com | net:127.0.0.1

Screenshot

sstixss

Reference

https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/XSS%20Injection/XSS%20in%20Angular.md

Donation

BuyMeACoffee If you like my work

About Me

DarkLotus - Cyber Security Researcher - DarkLotusKDB

Social Media Handles

Twitter
Medium
Linkedin
Instagram

SSTI-XSS-Finder
SSTI-XSS-Finder copied to clipboard

Metadata

Server Side Template Injection(SSTI) - XSS Finder

Prerequisites

Usage

Screenshot

Reference

Donation

About Me

Social Media Handles

← Metadata

Owner

Metadata

SSTI-XSS-Finder SSTI-XSS-Finder copied to clipboard

Metadata

Server Side Template Injection(SSTI) - XSS Finder

Prerequisites

Usage

Screenshot

Reference

Donation

About Me

Social Media Handles

← Metadata

Owner

Metadata

SSTI-XSS-Finder
SSTI-XSS-Finder copied to clipboard