> ## Documentation Index
> Fetch the complete documentation index at: https://docs.projectdiscovery.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Interactsh Overview

> A tool for detecting out-of-band vulnerabilities

**Interactsh** is an open-source tool developed by ProjectDiscovery for detecting [out-of-band (OOB) vulnerabilities](https://portswigger.net/burp/application-security-testing/oast). These are vulnerabilities that may not be identified using conventional tools or methods. Interactsh operates by generating dynamic URLs. When these URLs are requested by a target, they trigger a callback. This callback can then be monitored and analyzed to identify potential vulnerabilities in the target.

Check out [our blog introducing Interactsh](https://blog.projectdiscovery.io/interactsh-release/) and [view the repo here](https://github.com/projectdiscovery/interactsh).

# Features

* DNS/HTTP(S)/SMTP(S)/LDAP Interaction
* CLI / Web / Burp / ZAP / Docker client
* AES encryption with zero logging
* Automatic ACME based Wildcard TLS w/ Auto Renewal
* DNS Entries for Cloud Metadata service
* Dynamic HTTP Response control
* Self-Hosted Interactsh Server
* Multiple domain support **(self-hosted)**
* NTLM/SMB/FTP/RESPONDER Listener **(self-hosted)**
* Wildcard / Protected Interactions **(self-hosted)**
* Customizable Index / File hosting **(self-hosted)**
* Customizable Payload Length **(self-hosted)**
* Custom SSL Certificate **(self-hosted)**

## Client & Server

The Interactsh tool comprises two main components: [`interachsh-client`](/opensource/interactsh/running) and [`interachsh-server`](/opensource/interactsh/server). Each plays a critical role in the process of detecting out-of-band vulnerabilities, but they operate in distinct manners and serve different purposes.

### Interactsh Server

* Function: Captures and records callbacks from interaction URLs.
* Deployment: Hosted publicly to receive requests from tested systems.
* Use Case: Ideal for those hosting their instance for privacy or control.

ProjectDiscovery maintains a number of [publically accessable interactsh servers](/opensource/interactsh/running#projectdiscovery-interachsh-servers) that you can use in order to only run the client for your specific use case. Alternatively, you can [self host your own interactsh server](/opensource/interactsh/running#self-hosted-interactsh-server) if you want it to run on your custom domain or you need more control over the server side interactions.

### Interactsh Client

* Function: Generates URLs for testing, retrieves interaction logs from the server.
* Deployment: Runs locally for managing URLs and analyzing captured data.
* Use Case: Used by testers to create and analyze tests for out-of-band vulnerabilities.

## Support

Questions about using Interactsh? Issues working through installation? Cool story or use case you want to share? Get in touch!

Check out the [Help](/help) section of the docs or reach out to us on [Discord](https://discord.com/invite/projectdiscovery).