xss_bomb Front-end update



Created on Wed. 06 Sept 2023



Hello again ^^ it's me. During the last two months of absolutely crazy work I also spent some time revamping xss_bomb a little bit, and since the mobile app was really outdated I wanted to build a new web front-end!

With this new front-end I wanted to take the opportunity to practice more with the Bootstrap framework. Also, during development of the front-end I had a few cool ideas I could add to the project. This post is, as usual, a quick devlog on how I designed the front-end and what I was trying to achieve personally.

Design

For the design I used a very classic solution: I basically just have the CSS for the style, the HTML for the content and the JavaScript for handling the API calls. With this simple design I do allow myself to make a lot of mistakes in the code which could lead to security holes, but I just wanted to have something to demo the project, not a fully secure app that could be deployed. My main objective was to have something that works.

For the CSS and the overall HTML structure I did use a free Bootstrap template for admin panels that can be found here.

When you look at the final product it is obvious that the page is based upon the template with a few CSS adjustments.

Struggles

The main struggle I faced in this project was mainly motivation. I have been working on xss_bomb for the later part of 3 years, on and off; obviously I do have a full-time job.

I really haven't done many posts about the mental side of all of this, and I think for some people who look at my work and what I do, thinking that I am some kind of crackhead that just lives and breathes code, it would seem a bit strange. I don't really open up much about my mental state on this blog since I wish to keep it as technical as I can, since that is at the core what I care the most about. To make it short, working on the front-end for this was hard for me to get into. I mainly just wanted to go out and party or just meet people; at the end of the day IT is quite lonely and is more of a mental struggle than anything when it is your passion like this but also your full-time job.

I've learned a lot about myself over the past 10 months and I think maybe I could give some good advice to someone that needs motivation or just tips on how to keep on going. Since I actually enjoy it, the only part that is hard for me is getting in the groove of doing it. For example, this post: I started working on it at 4pm in the afternoon, it is now 9pm, and I spent hours just messing about on YouTube instead of actually doing it. Now, I did need a break after working all day. But most of the time I get a bit confused: since I'm working all day, I believe that I need all evening to take a big break. In reality I could just spend 2 hours on my phone chilling and eating and then slowly just add a little to the post; if after 10 min I don't get in the mood of properly doing it, I stop. But if I get in the groove like now I would just nuke the project.

I think what kept me going on this project was mainly just the fact that I had a reminder every day at 5pm to tell me to do it. Just doing the 1% here and there is better than procrastinating for 6 months, going to bars every weekend and being showered in superficial things. It's hard now, with what is on the net, to actually think long term about what you actually genuinely want to be and where you want to be. I feel bombarded every day by so many opinions that just don't matter, and even if you are thick-skinned it will influence you in some way or another, sadly. So good planning and slow progress helped me finish this project.

New Features

Now for the fun stuff. I am guessing you are acquainted with xss_bomb already (if not, read my previous articles ^^), but basically on this web version there is only one new main feature, which is the payload generator. A friend of mine tried to use xss_bomb and he is not a pentester, so wrapping his head around how the tool worked was complex for him. So I thought a generator where you can see in action what you can do with this tool would be a great concept.

What is cool about this page is that it will lay down for you the fundamentals of how to use your endpoint in a nice visual way, for new users or people that are just too lazy to do it all manually.


Thank you for reading this quick post. I hope the different style in the middle, where I opened up a bit more, was interesting to you. You can follow xss_bomb on GitHub and look at my other projects; I've made a few now that are quite cool. I also recommend subscribing to the RSS feed or just following me on GitHub or LinkedIn.
