Skip to content

Demo of various ways to exploit post based reflected XSS

License

Notifications You must be signed in to change notification settings

hoodoer/postBasedXSS

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

postBasedXSS

Demo/lab of some ways to practically exploit post based reflected XSS

Requirements: flask

Install requirements with: pip install -r requirements.txt

Run the server with: python postXssServer.py

In your browser (preferably configured to proxy through Burp) navigate to: http://localhost:80

Demos ways to exploit POST based reflected XSS

  • Method Tampering
  • CSRF
  • Spoofed JSON CSRF Attack

@hoodoer

[email protected]

About

Demo of various ways to exploit post based reflected XSS

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages