WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications (WILSON) with the ability to serve custom content in order to appropriately respond to the client issuing the request. It is probably most useful to security testers and bug bounty hunters.
When exploiting bugs that interact with an external server (e.g. SSRF or some XSS), it is sometimes useful to serve custom content on specific paths on the remote server. With WILSON Cloud Respwnder you can setup a fully functional PHP web server with transparent logging of all incoming DNS and HTTP requests to a Slack or Discord channel.
subdomain.yourdomain.com
to the same web server, allowing you to choose meaningful names that are easy to work with;/data/blacklist.txt
;/www
;WILSON Cloud Respwnder requires you to have a registered domain yourdomain.com
with its nameserver(s) pointing to the server where you're installing this.
git clone https://github.com/honoki/wilson-cloud-respwnder
;./setup.sh yourdomain.com
to generate the required config files;settings.env
to include your Slack and/or Discord webhooks;sudo docker-compose up -d
https://random-subdomain.yourdomain.com/randompage
/logs/mitm/http.log
when that happens;test.sub.yourdomain.com
) will resolve to your server, but will not automatically have a valid certificate due to limitations of LetsEncrypt. This means HTTP requests will work as expected, but HTTPS requests will likely fail.Thanks to @michenriksen for suggesting the name Wilson, referencing the Wilson cloud chamber used to visualize the passage of ionizing radiation.