Expand description
Async Rust client for out-of-band interaction servers.
Register a unique URL, inject it into scan targets, then poll for callbacks. Detects blind vulnerabilities (SSRF, blind XSS, DNS exfiltration) that produce no visible response but trigger outbound requests to your interaction server.
use interactsh::{InteractshClient, ClientConfig, InteractionContext};
let client = InteractshClient::new(ClientConfig::default()).await?;
let url = client.generate_url(
InteractionContext::new("my-scan").with_attribute("scanner", "demo")
)?;
// inject url.url into your target...
let interactions = client.poll().await?;
for hit in &interactions {
println!("callback: {}", hit.event.protocol);
}