New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve Logging #15

Open

LewisArdern opened this issue Nov 28, 2018 · 1 comment

Labels

Owner

LewisArdern commented Nov 28, 2018

Currently its just console log, if this was to be effectively used by a blue team, need to configure something such as winston.

LewisArdern added the enhancement label

Owner Author

LewisArdern commented Nov 26, 2021

This would also be good to include the ability to capture the URLs where the XSS happened so you can use it for future automated attacks, e.g.

You use the craft URL where the bXSS hit previously in a known vulnerable component used widely
You can data-mine parameters that were once vulnerable and use that for future 'this has been vulnerable in the past' or something of that nature.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment