ACSTIS - scan web applications for AngularJS Client-Side Template Injection

Overview

ACSTIS is a ACSTIS helps you to scan certain web applications for AngularJS Client-Side Template Injection (sometimes referred to as CSTI, sandbox escape or sandbox bypass). It supports scanning a single request but also crawling the entire web application.

 

How to get this tool

To use this tool, please use a method listed below.

In a Linux (Debian OS), run the following command(s).

 

pip install https://github.com/tijme/angularjs-csti-scanner/archive/master.zip

 

Download directly from the following link:

 

How to execute

acstis -h

 

References:

 

-----

Next steps:

 

This article was contributed by Jason Jacobs from Guyana. Jason is a member of the Caribbean CSPA.

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.