Automated way to Find Cross-Site Scripting XSS

Hey If you want to find XSS - Cross Site Scripting Vulnerability Using automated way then follow given steps and you can find xss vulnerability.

Image: XSS

Requirement:

> Kali Linux or Parrot Os

> Tools - > ParamSpider, Gxss, Arjun, Dalfox

Steps: You can run below commands one by one.

>> python3 ~/tools/ParamSpider/paramspider.py --domain testphp.vulnweb.com

>> cd output/

>> ls

>> cat testphp.vulnweb.com.txt | Gxss

>> cat testphp.vulnweb.com.txt | Gxss -p cyber

>> cat testphp.vulnweb.com.txt | Gxss -p cyber | dalfox pipe --mining-dict ~/tools/Arjun/arjun/db/params.txt --skip-bav

Bash Script:

#!/bin/bash

echo Enter Target Name: 

read varname

python3 ~/Tools/ParamSpider/paramspider.py --domain $varname

cd output

ls

cat $varname.txt | Gxss -p XSS

cat $varname.txt | Gxss -p XSS | dalfox pipe --mining-dict ~/Tools/Arjun/arjun/db/params.txt --skip-bav