A tool for detecting out-of-band vulnerabilities
Interactsh is an open-source tool developed by ProjectDiscovery for detecting out-of-band (OOB) vulnerabilities. These are vulnerabilities that may not be identified using conventional tools or methods. Interactsh operates by generating dynamic URLs. When these URLs are requested by a target, they trigger a callback. This callback can then be monitored and analyzed to identify potential vulnerabilities in the target.
Check out our blog introducing Interactsh and view the repo here.
The Interactsh tool comprises two main components: interactsh-client and interactsh-server. Each plays a critical role in the process of detecting out-of-band vulnerabilities, but they operate in distinct manners and serve different purposes.
ProjectDiscovery maintains a number of publicly accessible Interactsh servers, so you can run only the client for your specific use case. Alternatively, you can self-host your own Interactsh server if you want it to run on your custom domain or you need more control over the server-side interactions.
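The callback correlation described above, sketched as an added example (not Interactsh's own code or URL scheme): each test gets a unique hostname, and recorded interactions are matched back to the test that caused them. The callback domain, token format and log record fields are assumptions made for illustration.

```python
import secrets

# Assumption: placeholder callback domain, not a real Interactsh server.
CALLBACK_DOMAIN = "oob.example.test"

def new_probe(registry, description):
    """Create a unique callback hostname and remember which test it belongs to."""
    token = secrets.token_hex(8)  # 16 hex chars, unguessable per probe
    registry[token] = description
    return f"{token}.{CALLBACK_DOMAIN}"

def extract_token(hostname):
    """Return the probe token from a callback hostname, or None if it is not ours."""
    host = hostname.rstrip(".").lower()  # DNS names are case-insensitive
    suffix = "." + CALLBACK_DOMAIN
    if not host.endswith(suffix):
        return None
    # The token is the label directly left of the callback domain;
    # any labels further left are ignored.
    return host[: -len(suffix)].split(".")[-1]

def correlate(registry, interactions):
    """Map each recorded interaction back to the probe that caused it."""
    findings = []
    for event in interactions:
        token = extract_token(event["host"])
        if token in registry:
            findings.append((registry[token], event["protocol"], event["source"]))
    return findings

def demo():
    registry = {}
    host_a = new_probe(registry, "test-case-017")
    host_b = new_probe(registry, "test-case-018")  # never called back
    # Constructed sample interactions, shaped as a callback server might log them.
    interactions = [
        {"protocol": "dns", "host": host_a.upper() + ".", "source": "203.0.113.10"},
        {"protocol": "http", "host": "extra." + host_a, "source": "203.0.113.10"},
        {"protocol": "dns", "host": "deadbeef." + CALLBACK_DOMAIN, "source": "198.51.100.7"},
        {"protocol": "dns", "host": "unrelated.example.org", "source": "198.51.100.7"},
    ]
    return host_b, correlate(registry, interactions)

if __name__ == "__main__":
    for finding in demo()[1]:
        print(finding)
```

Only interactions carrying a registered token count as evidence; unknown tokens and unrelated hostnames are background noise reaching the callback domain and are dropped.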
Questions about using Interactsh? Issues working through installation? Cool story or use case you want to share? Get in touch!
Check out the Help section of the docs or reach out to us on Discord.