https://github.com/saeed0xf/xss-scraper
A shell script to find xss vulnerablities. 🐞
https://github.com/saeed0xf/xss-scraper
bash bash-script shell
Last synced: 12 months ago
JSON representation
A shell script to find xss vulnerablities. 🐞
- Host: GitHub
- URL: https://github.com/saeed0xf/xss-scraper
- Owner: saeed0xf
- Created: 2021-10-30T13:32:48.000Z (over 4 years ago)
- Default Branch: main
- Last Pushed: 2021-10-30T15:12:05.000Z (over 4 years ago)
- Last Synced: 2025-07-05T00:06:22.794Z (12 months ago)
- Topics: bash, bash-script, shell
- Language: Shell
- Homepage:
- Size: 116 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# XsScraper
A bash script to find XSS vulnerabilities in web applications. It's a combination of different tools. Like, kxss, dalfox and waybackurls. All these 3 tools are required to run this script.
# Required Installations
Kxss :
````
go get github.com/Emoe/kxss
````
Dalfox :
````
go install github.com/hahwul/dalfox/v2@latest
````
Waybackurls :
````
go get github.com/tomnomnom/waybackurls
````
XsScraper :
````
git clone https://github.com/zerodayrat/XsScraper.git
cd XsScraper
chmod +x *.sh
````
# Run the script
````
./xsscraper.sh site.com
````
Note : `xsscraper-ol.sh` is just an one liner you can run that script after getting all urls from waybackmachine
````shell
while read FILE1;do grep -aiE $FILE1 waybackurls.txt > filtered.txt;done < filter-1.txt; while read FILE2;do grep -viE $FILE2 filtered.txt;done < filter-2.txt | sort -u | kxss | awk '{print $2}' | dalfox pipe --custom-payload xss-payload-list.txt --mining-dict params.txt --skip-bav -S
````
For any queries ping me on Twitter