-
-
Notifications
You must be signed in to change notification settings - Fork 377
How to: use ezXSS
Your personal dashboard contains statistics on your personal payload reports. Use it to track the progress of your reports and stay informed on your payloads.
On this dashboard, only statistics of the payloads you hold in your account are counted. Payloads can be added to your account by admins via the Users page
Here, you can make changes to your account settings, such as updating your password and managing alerts. Some of the things you can do here include changing your password, enabling or disabling 2FA, and logging out of your account.
Additionally, you can adjust your alert settings to receive notifications via email, Telegram, Slack, or Discord when a payload you own is triggered. Please note that only alert types that have been activated by an administrator can be used. Additionally, if you are an administrator or using a single-user ezXSS installation, you may find it more convenient to set your alert settings in the "Admin -> Settings" page, where you will be alerted for any payload.
The payloads page allows you to customize your payload settings, such as extracting additional pages and managing white/blacklisted domains. Use it to edit the information that your payloads collect. The select box at the top of the page enables you to switch between all of your different payloads.
Administrators can assign additional payloads to you in the "Admin -> Users" page. You can also find different ways to inject your payloads into websites, change what information to collect, and add custom javascript that runs every time your payload is loaded. Additionally, you can extract additional pages by adding their URLs and block or whitelist certain domains to control which alerts you receive.
The admin dashboard contains various statistics and tools to help you manage and monitor the ezXSS platform.
This dashboard contain statistics of all reports within ezXSS.
The admin settings page allows you to customize and configure various features of the ezXSS platform. On the global payload settings, you can specify what types of data users are allowed to collect on their payloads and add custom javascript to be included in all payloads.
In the global alert settings, you can set up notifications to be sent to your email, Telegram, Slack, or Discord account when any payload is triggered. If you only want to be alerted for your own payloads, you should change these settings in your account settings page. You can also manage which alert options are enabled and available to be used on the platform.
At the callback alert settings, you can add a link that will be called when a payload is triggered. The report data will be sent to this link in JSON format.
Finally, the kill switch allows you to shut down the entire ezXSS platform. Any page requested from the web server will return a 404 error. To reactivate the platform, you can add "/?pass=<the password you've set up>" to any link and it will return to normal.
The users page lets you create and edit user accounts within ezXSS. Use it to manage user permissions and payloads.
Add or edit user data. Within the edit panel you can also add payloads which the user is allowed to use and view.
The reports page allows you to view, search, share, and delete all of your payload's reports. Use it to track important data and to share reports with your stakeholders.
You can also filter on specific payloads you hold using the dropdown on the top of the page.
This does not hold archived reports.
The reports page allows you to view, search, share, and delete all of your payload's reports. Use it to track important data and to share reports with your stakeholders.
You can also filter on specific payloads you hold using the dropdown on the top of the page.
This only holds archived reports.