This repository contains a Command and Control Center to be contacted during a XSS attack. It extracts the victims session cookie, performs stealth attacks and privilege escalation. The attacked web application is the MISM by Amir Sanni (https://github.com/amirsanni/Mini-Inventory-and-Sales-Management-System). This attack is performed as part of a project for the course INSE6140 Application Security and Malware Defenses @ Concordia University.
An explanation of the full XSS attack using this C&C Center can be found in Chapter 5 of the report.