XSS Hunter Express

Sets up in 5 minutes and requires no maintenance

The fastest way to set up XSS Hunter to test and find blind cross-site scripting vulnerabilities.

Setup (Five minutes, try not to skim too much)

Requirements

Configuring Your Instance

To set up XSS Hunter Express, modify the docker-compose.yaml file with your appropriate settings/passwords/etc.

The following are some YAML fields (in docker-compose.yaml) you'll need to modify before starting the service:

The following are needed if you want email notifications:

Finally, the following is worth considering for the security conscious:

Build & Start XSS Hunter Express

Once you've configured it, run the following commands to build and start the service:

# Change into the repo directory
cd xsshunter-express/
# Start up postgres in the background
docker-compose up -d postgresdb
# Start up the service
docker-compose up xsshunterexpress

Assuming all has gone well, you'll see an admin password printed onto your screen. Use this to log into the web panel now hosted at https://your-hostname.com/admin/.

NOTE: The very first HTTP request to your instance will be slow because the service will automatically generate a TLS/SSL certificate. This should only take ~15 seconds.

Features

Screenshots

Credits

Security Vulnerabilities

Find a security vulnerability in this service? Nice job! Please email me at mandatory(at)gmail.com and I'll try to fix it as soon as possible.