All Projects → theinfosecguy → Quickxss

theinfosecguy / Quickxss

Licence: mit
Automating XSS using Bash

Programming Languages

shell
77523 projects

Projects that are alternatives of or similar to Quickxss

Findom Xss
A fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (+174.34%)
Mutual labels:  xss, bugbounty
Gxss
A tool to check a bunch of URLs that contain reflecting params.
Stars: ✭ 115 (+1.77%)
Mutual labels:  xss, bugbounty
Bxss
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (+192.92%)
Mutual labels:  xss, bugbounty
PastebinMarkdownXSS
XSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (-25.66%)
Mutual labels:  xss, bugbounty
Tiny Xss Payloads
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (+762.83%)
Mutual labels:  xss, bugbounty
Eagle
Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (-24.78%)
Mutual labels:  xss, bugbounty
Xspear
Powerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+415.93%)
Mutual labels:  xss, bugbounty
bhedak
A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.
Stars: ✭ 77 (-31.86%)
Mutual labels:  bugbounty, bash-script
Blackwidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+684.96%)
Mutual labels:  xss, bugbounty
Dalfox
🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (+600%)
Mutual labels:  xss, bugbounty
Reconky-Automated Bash Script
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (+47.79%)
Mutual labels:  bugbounty, bash-script
Ezxss
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+804.42%)
Mutual labels:  xss, bugbounty
Pinaak
A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan
Stars: ✭ 69 (-38.94%)
Mutual labels:  bugbounty, bash-script
Resources
No description or website provided.
Stars: ✭ 38 (-66.37%)
Mutual labels:  xss, bugbounty
XSS-Payload-without-Anything
XSS Payload without Anything.
Stars: ✭ 74 (-34.51%)
Mutual labels:  xss, bugbounty
Hackerone Reports
Top disclosed reports from HackerOne
Stars: ✭ 458 (+305.31%)
Mutual labels:  xss, bugbounty
xssfinder
Toolset for detecting reflected xss in websites
Stars: ✭ 105 (-7.08%)
Mutual labels:  xss, bugbounty
magicRecon
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+323.01%)
Mutual labels:  bugbounty, bash-script
Android Reports And Resources
A big list of Android Hackerone disclosed reports and other resources.
Stars: ✭ 590 (+422.12%)
Mutual labels:  xss, bugbounty
Reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+761.95%)
Mutual labels:  xss, bugbounty

QuickXSS


Bash Script to Automate XSS using Waybackurls, GF, GF Patterns and Dalfox.

Here are their Repositories:

  1. GF
  2. GF Patterns
  3. Dalfox
  4. Waybackurls
  5. Gau

Pre-Requisites

Install Go in your Machine and then install required Tools.

For installing Go in your system:

sudo apt install -y golang
export GOROOT=/usr/lib/go
export GOPATH=$HOME/go
export PATH=$GOPATH/bin:$GOROOT/bin:$PATH
source .bashrc

Install Tools in one go !

chmod +x install.sh
./install.sh

For Installing Pre-Requisites (In case you want to do it one by one):

go get -u github.com/tomnomnom/gf
go get github.com/tomnomnom/waybackurls
GO111MODULE=on go get -v github.com/hahwul/dalfox/v2
GO111MODULE=on go get -u -v github.com/lc/gau
mkdir .gf
cp -r $GOPATH/src/github.com/tomnomnom/gf/examples ~/.gf
git clone https://github.com/1ndianl33t/Gf-Patterns
mv ~/Gf-Patterns/*.json ~/.gf

Installation

git clone https://github.com/theinfosecguy/QuickXSS.git
cd QuickXSS
chmod +x QuickXSS.sh

Usage

Provide your Target & XSSHunter Payload as the Argument. For generating XSS Hunter Payload: Check This

QuickXSS Usage 

./QuickXSS.sh -d <target.com>
./QuickXSS.sh -d <target.com> -b <blindxss.xss.ht>
./QuickXSS.sh -d <target.com> -o xss_results.txt 
./QuickXSS.sh -d <target.com> -b <blindxss.xss.ht> -o xss_results.txt

Special Thanks

Special Thanks to all these for their amazing tools ❤ :

  1. TomNomNom for Waybackurls and GF
  2. Shiv Chouhan for GF Patterns
  3. HAHWUL for Dalfox
  4. Corben Leo for gau
  5. Zemo for his amazing video.

Support !

If QuickXSS helped you land a Bounty ! Support me & Buy me a Ko-Fi

Buy Me a Ko-Fi

React out to me if you have any ideas to make this better via Twitter

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].