QuickXSS – Automating XSS using Bash

quickxss

Bash Script to Automate XSS using Waybackurls, GF, GF Patterns and Dalfox.

Here are their Repositories:

  1. GF
  2. GF Patterns
  3. Dalfox
  4. Waybackurls
  5. Gau

Pre-Requisites

Install Go in your Machine and then install required Tools.

For installing Go in your system:

sudo apt install -y golang
export GOROOT=/usr/lib/go
export GOPATH=$HOME/go
export PATH=$GOPATH/bin:$GOROOT/bin:$PATH
source .bashrc

Install Tools in one go !

chmod +x install.sh
./install.sh

For Installing Pre-Requisites (In case you want to do it one by one):

go get -u github.com/tomnomnom/gf
go get github.com/tomnomnom/waybackurls
GO111MODULE=on go get -v github.com/hahwul/dalfox/v2
GO111MODULE=on go get -u -v github.com/lc/gau
mkdir .gf
cp -r $GOPATH/src/github.com/tomnomnom/gf/examples ~/.gf
git clone https://github.com/1ndianl33t/Gf-Patterns
mv ~/Gf-Patterns/*.json ~/.gf

Installation

git clone https://github.com/theinfosecguy/QuickXSS.git
cd QuickXSS
chmod +x QuickXSS.sh

Usage

Provide your Target & XSSHunter Payload as the Argument. For generating XSS Hunter Payload: Check This

QuickXSS Usage 

./QuickXSS.sh -d <target.com>
./QuickXSS.sh -d <target.com> -b <blindxss.xss.ht>
./QuickXSS.sh -d <target.com> -o xss_results.txt 
./QuickXSS.sh -d <target.com> -b <blindxss.xss.ht> -o xss_results.txt

Special Thanks

Special Thanks to all these for their amazing tools heart :

  1. TomNomNom for Waybackurls and GF
  2. Shiv Chouhan for GF Patterns
  3. HAHWUL for Dalfox
  4. Corben Leo for gau
  5. Zemo for his amazing video.

Support !

If QuickXSS helped you land a Bounty ! Support me & Buy me a Ko-Fi

Buy Me a Ko-Fi

React out to me if you have any ideas to make this better via Twitter