XSSpecter is a modular toolkit for managing and exploiting Blind Cross-Site Scripting (XSS) vulnerabilities. It provides two main components:
- 🔗 Server – Callback handling, data persistence, and a web dashboard.
- 💻 CLI – XSS payload spraying automation for penetration testing.
⚠️ Ethics Notice: This tool should only be used on systems and applications for which you have explicit permission to test. Unauthorized scanning or exploitation is illegal and unethical. Always adhere to applicable laws, regulations, and your organization's rules of engagement.
.
├── CLI/ # Command-line interface tool for XSS spraying
└── server/ # Backend and frontend for callback handling and dashboard
-
CLI - Help
-
Server - Dashboard
-
Server - Alert View
-
Server - Admin Settings
Contributions, issues, and pull requests are welcome! Please refer to the respective component README files for contribution guidelines and licensing:
This project is licensed under the MIT License. See LICENSE for details.