Skip to content
/ Argus Public

Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection

Notifications You must be signed in to change notification settings

Rahim7X/Argus

Repository files navigation

Argus

Logo

Description

Arus is an interactive Blind XSS and SSRF testing tool that you can setup for free using firebase and netlify

Features

  • HTTP request logs
  • Blind XSS : Fetch loaded dom
  • Blind XSS : Screenshot the vulnerable page

Installation

Follow these steps to install the project:

  1. Clone the repository:
    git clone https://github.com/rahim7x/Argus.git
  2. Navigate to the project directory:
    cd Argus
  3. Install the required dependencies:
    npm install && npm install -g netlify-cli
  4. Create a firebase project and then create a new realtime databse
  5. Create a Firebase Service Account Key:

In your Firebase project's settings, go to the "Service Accounts" tab. Create a new service account and grant it the necessary permissions to access your Realtime Database. Download the service account key as a JSON file.

  1. Open Argus/netlify/functions/config.js in a text editor and add the service account key as a JSON in authData field
  2. Also add your database url in targetUrl field
  3. Change the credentials (username and password) in Argus/netlify/functions/config.js
  4. Then run netlify login to log into your account , to test it locally run netlify dev
  5. Deploy the project by running netlify deploy --prod

Usage

Once deployed in netlify use any non existing endpoint of your Argus domain / Or Just copy exiting payloads from /index.html

About

Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published