xsserve

Simplify XSS exploitation


🚀 Usage

This tool simplifies XSS exploitation by combining a socket-based HTTP server with the power of ngrok. It enables you to quickly launch a local server and make it publicly accessible, making it easier to share payloads or demonstrate XSS vulnerabilities.

There are basically three endpoints:

| Endpoint | What it does |
| --- | --- |
| /FILENAME | Serves the file named FILENAME in the files/ directory, like a standard HTTP server. |
| /* | Logs any access to other endpoints directly in your console, giving you full visibility into unexpected requests. |
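The routing described in the table, sketched as an added Python example (not xsserve's own code). The `route` and `demo` names, the GET-only rule and the confinement of served paths to files/ are assumptions made here; the confinement matters because the server can be made publicly reachable.

```python
import tempfile
from pathlib import Path
from urllib.parse import unquote, urlsplit


def route(request_line: str, files_dir: Path):
    """Return ("serve", path) for a file inside files_dir, else ("log", target)."""
    parts = request_line.split()
    if len(parts) != 3:
        return ("log", request_line)           # malformed request: just log it
    method, target, _version = parts
    # Drop the query string and decode %-escapes before touching the filesystem.
    name = unquote(urlsplit(target).path).lstrip("/")
    if method != "GET" or not name or "\x00" in name:
        return ("log", target)
    root = files_dir.resolve()
    candidate = (root / name).resolve()        # collapses ".." and symlinks
    # Confinement check: the resolved path must still sit under files/.
    if root not in candidate.parents or not candidate.is_file():
        return ("log", target)
    return ("serve", candidate)


def demo():
    """Run the router over constructed request lines in a throwaway directory."""
    with tempfile.TemporaryDirectory() as tmp:
        files = Path(tmp) / "files"
        files.mkdir()
        (files / "poc.js").write_text("console.log('constructed sample');")
        (Path(tmp) / "secret.txt").write_text("outside files/")
        requests = [                           # constructed sample request lines
            "GET /poc.js HTTP/1.1",
            "GET /poc.js?v=1 HTTP/1.1",
            "GET /../secret.txt HTTP/1.1",
            "GET /%2e%2e/secret.txt HTTP/1.1",
            "GET /callback?c=1 HTTP/1.1",
            "POST /poc.js HTTP/1.1",
        ]
        return [route(r, files)[0] for r in requests]


if __name__ == "__main__":
    print(demo())
```

Requests that try to climb out of files/ fall through to the logging branch, so they show up in the console like any other unexpected request.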

Ideal for pentesters, security researchers, and cybersecurity enthusiasts who need a lightweight and versatile tool for XSS testing. Some CLI arguments are provided to enhance the user experience:

| Argument | What it does |
| --- | --- |
| -v, --verbose | By default, only the first line of every request and the body are printed. With -v, all headers sent along with the request are also printed. |
| -p, --port | By default, xsserve listens on a random port between 65000 and 65100. With -p you can specify a custom port. |
| -n, --ngrok | Launches an ngrok tunnel that listens on the xsserve port. Ngrok provides a public address, which is useful if you don’t have a VPS or don’t want to set up port forwarding. |


Source

The source code and installation instructions are accessible here.

This post is licensed under CC BY 4.0 by the author.
