Sometimes when we are performing a pentest or bug bounties we need an external site to verify some blind injections or exfiltrate data. This is known as Out-of-Band or just OOB.

Also in some of the newest vulnerabilities found, such as log4j, also needed a OOB DNS resource to validate if a machine could be compromised.

There are some free Out-of-band (OOB) resources available on the internet, let's review the most important ones:

1. Burpcollaborator: Paid resource, you will need Burpsuite to run it.

2. Interact.sh: Free resource, you can interact directly in their Web UI. No need to register.

3. Canarytokens.org: Free resource, sends you the result via your email or your webhook!

4. requestbin.net: Free, no registration. Valid for HTTP and DNS requests.

5. dnslog.cn: Free, no registration.

6. If you have a VPS you can just use netcat to intercept any traffic coming to your host with: nc -vvv -l -p 8080 for example, if you are expecting traffic on port 8080. If you would like to check against log4j just substitute the port by LDAP port 389 like nc -vvv -l -p 389

You might be also interested in:

Learn Pentesting like a Pro

Interactsh: Open-Source OOB solution for SSRF, Blind SQLi, ... in Kali Linux

Project Discovery, the same people behind Nuclei scanner that allows you to customize vulnerability scanning from YAML templates, just released another awesome project called Interactsh. To keep it quick and short, it's a free alternative to Burpsuite Collaborator…

Read more

4 years ago · jacobo