Skip to content
/ Argus Public

Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection

12 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Rahim7X/Argus

BranchesTags

Repository files navigation

Argus

Logo

Description

Arus is an interactive Blind XSS and SSRF testing tool that you can setup for free using firebase and netlify

Features

  • HTTP request logs
  • Blind XSS : Fetch loaded dom
  • Blind XSS : Screenshot the vulnerable page

Installation

Follow these steps to install the project:

  1. Clone the repository: 
    git clone https://github.com/rahim7x/Argus.git
  2. Navigate to the project directory: 
    cd Argus
  3. Install the required dependencies: 
    npm install && npm install -g netlify-cli
  4. Create a firebase project and then create a new realtime databse
  5. Create a Firebase Service Account Key:

In your Firebase project's settings, go to the "Service Accounts" tab. Create a new service account and grant it the necessary permissions to access your Realtime Database. Download the service account key as a JSON file.

  1. Open Argus/netlify/functions/config.js in a text editor and add the service account key as a JSON in authData field
  2. Also add your database url in targetUrl field
  3. Change the credentials (username and password) in Argus/netlify/functions/config.js
  4. Then run netlify login to log into your account , to test it locally run netlify dev
  5. Deploy the project by running netlify deploy --prod

Usage

Once deployed in netlify use any non existing endpoint of your Argus domain / Or Just copy exiting payloads from /index.html

About

Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection

Topics

pingback xss xss-detection ssrf blind-xss http-logger ssrf-t

Resources

Readme
Activity

Stars

12 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages