The fastest way to set up XSS Hunter to test and find blind cross-site scripting vulnerabilities.
- docker and docker-compose installed
- A hostname (e.g. host.example.com) which you can map to your server's IP (have DNS control for)

To set up XSS Hunter Express, modify the docker-compose.yaml file with your appropriate settings/passwords/etc.

The following are some YAML fields (in docker-compose.yaml) you'll need to modify before starting the service:
- HOSTNAME: Set this field to the hostname you want to use for your payloads and to access the web admin panel. Often this is as short as possible (e.g. xss.ht) so the payload can be fit into various fields for testing. This hostname should be mapped to the IP address of your instance (via a DNS A record).
- SSL_CONTACT_EMAIL: In order to automatically set up and renew TLS/SSL certificates via Let's Encrypt you'll need to provide an email address.

The following are needed if you want email notifications:
- SMTP_EMAIL_NOTIFICATIONS_ENABLED: Leave enabled to receive email notifications (you must set this up via the below configurations as well).
- SMTP_HOST: The host of your SMTP server where your email account is hosted (e.g. smtp.gmail.com).
- SMTP_PORT: The port of your SMTP server (e.g. 465).
- SMTP_USE_TLS: Utilize TLS if your SMTP server supports it.
- SMTP_USERNAME: The username of the email account on your SMTP server (e.g. exampleuser).
- SMTP_PASSWORD: The password of the email account on your SMTP server (e.g. Password1!).
- SMTP_FROM_EMAIL: The email address of your email account on the SMTP server (e.g. exampleuser@gmail.com).
- SMTP_RECEIVER_EMAIL: What email the notifications will be sent to. This may be the same as the above but could be different.

Finally, the following is worth considering for the security conscious:
- CONTROL_PANEL_ENABLED: If you want to minimize the attack surface of your instance you can disable the web control panel. This makes it so you'll only receive emails of payload fires (results will still be stored on disk and in the database).

Once you've set it up, simply run the following commands to set up the service:
# Change into the repo directory
cd xsshunter-express/
# Start up postgres in the background
docker-compose up -d postgresdb
# Start up the service
docker-compose up xsshunterexpress
Assuming all has gone well, you'll see an admin password printed onto your screen. Use this to log into the web panel now hosted at https://your-hostname.com/admin/.
NOTE: The very first HTTP request to your instance will be slow due to the fact that the service will automatically generate a TLS/SSL certificate. This should only take ~15 seconds.
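Before running the commands above, the settings in docker-compose.yaml can be checked mechanically for leftover example values and inconsistent combinations. The following pre-flight lint is an added example, not part of the XSS Hunter Express project; it assumes the settings appear as `- KEY=value` list items or `KEY: value` mappings and that boolean settings are written `true`/`false`, and the function names `get_field` and `lint_compose` are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight lint for docker-compose.yaml before `docker-compose up`.
# Assumption: settings are "- KEY=value" list items or "KEY: value" mappings,
# and boolean settings are written as true/false.

# get_field FILE KEY -> prints the first value set for KEY (empty if absent).
get_field() {
    sed -n "s/^[[:space:]]*-\{0,1\}[[:space:]]*$2[[:space:]]*[=:][[:space:]]*//p" "$1" |
        head -n 1 | sed "s/[[:space:]]*\$//; s/^[\"']//; s/[\"']\$//"
}

# lint_compose FILE -> warnings on stderr, number of findings on stdout.
lint_compose() {
    f=$1; n=0
    warn() { echo "WARN: $*" >&2; n=$((n + 1)); }
    case "$(get_field "$f" HOSTNAME)" in
        ""|host.example.com|your-hostname.com) warn "HOSTNAME unset or placeholder" ;;
    esac
    [ -n "$(get_field "$f" SSL_CONTACT_EMAIL)" ] ||
        warn "SSL_CONTACT_EMAIL empty (needed for Let's Encrypt)"
    mail=$(get_field "$f" SMTP_EMAIL_NOTIFICATIONS_ENABLED)
    if [ "$mail" = "true" ]; then
        for k in SMTP_HOST SMTP_PORT SMTP_USERNAME SMTP_PASSWORD \
                 SMTP_FROM_EMAIL SMTP_RECEIVER_EMAIL; do
            [ -n "$(get_field "$f" "$k")" ] || warn "$k empty but email is enabled"
        done
        [ "$(get_field "$f" SMTP_PASSWORD)" != 'Password1!' ] ||
            warn "SMTP_PASSWORD is the documented example value"
        [ "$(get_field "$f" SMTP_USE_TLS)" = "true" ] ||
            warn "SMTP_USE_TLS is off: SMTP credentials may be sent unencrypted"
    elif [ "$(get_field "$f" CONTROL_PANEL_ENABLED)" = "false" ]; then
        warn "panel and email both disabled: payload fires would go unnoticed"
    fi
    # The file holds the SMTP password, so it should not be world-readable.
    [ -z "$(find "$f" -perm -004 2>/dev/null)" ] || warn "$f is world-readable"
    echo "$n"
}

# Constructed sample (not the project's file) to show the lint in action.
sample=$(mktemp)
cat > "$sample" <<'EOF'
    environment:
      - HOSTNAME=your-hostname.com
      - SSL_CONTACT_EMAIL=
      - SMTP_EMAIL_NOTIFICATIONS_ENABLED=true
      - SMTP_PASSWORD=Password1!
      - CONTROL_PANEL_ENABLED=true
EOF
echo "findings: $(lint_compose "$sample")"
rm -f "$sample"
```

Run it against the real file with `lint_compose docker-compose.yaml` and start the service only once it reports 0 findings.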
gzip-Compressed Payload Fire Images: All images are stored with gzip compression to utilize less hard disk space on your instance.

crossdomain.xml policies on internal systems which normally couldn't be accessed.

vue-black-dashboard framework. Licensed under MIT (see https://github.com/creativetimofficial/vue-black-dashboard#licensing).

Find a security vulnerability in this service? Nice job! Please email me at mandatory(at)gmail.com and I'll try to fix it as soon as possible.