Skip to content

coffinxp/loxs

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 

Repository files navigation




Loxs Multi Vulnerability Scanner for web application
L = Local File Inclusion (LFI)
O = Open Redirection (OR)
X = Cross Site Scripting (XSS)
S = Structured Query Language Injection (SQLi)
Carriage Return Line Feed Injection (CRLF)

Loxs is an easy-to-use tool that finds web issues like LFI - OR - SQLi - XSS - CRLF.

Made by - AnonKryptiQuz x Coffinxp x HexShad0w x Naho x 1hehaq!





Features About
LFI Scanner Detect Local File Inclusion vulnerabilities.
OR Scanner Identify Open Redirect vulnerabilities.
SQL Scanner Detect SQL Injection vulnerabilities.
XSS Scanner Identify Cross-Site Scripting vulnerabilities.
CRLF Scanner Detect Carriage Return Line Feed Injection vulnerabilities.
Multi-threaded Scanning Improved performance through multi-threading.
Customizable Payloads Adjust payloads to suit specific targets.
Success Criteria Modify success detection criteria for specific use cases.
User-friendly CLI Simple and intuitive command-line interface.
Save Vulnerable URLs Option to save vulnerable URLs to a file for future reference.
HTML Report Generation Generates a detailed HTML report of found vulnerabilities.




Language Packages
Python Python 3.x webdriver_manager selenium aiohttp beautifulsoup4 colorama rich requests gitpython prompt_toolkit pyyaml Flask



Installation

Clone the repository

git clone https://github.com/coffinxp/loxs.git
cd loxs

Install the requirements

pip3 install -r requirements.txt

Run the Script

python3 loxs.py

Input Information
Input URL/File Provide a single URL or an input file containing multiple URLs for scanning.
Payload File Select or provide a custom payload file for the specific type of vulnerability scanning.
Success Criteria Define patterns or strings indicating a successful exploitation attempt.
Concurrent Threads Set the number of threads for multi-threaded scanning.
View and Save Results Display results in real-time during the scan, and save vulnerable URLs for future use.

Customization
Custom Payloads Modify or create payload files for different vulnerability types to target specific apps.
Success Criteria Adjust the tool's success patterns to more accurately detect successful exploitations.
Concurrent Threads Control the number of threads used during the scan for performance optimization.

Chrome Installation

wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
sudo dpkg -i google-chrome-stable_current_amd64.deb
  • If you encounter any errors during installation, use the following command:
sudo apt -f install
sudo dpkg -i google-chrome-stable_current_amd64.deb

Chrome Driver Installation

wget https://storage.googleapis.com/chrome-for-testing-public/128.0.6613.119/linux64/chromedriver-linux64.zip
unzip chromedriver-linux64.zip
cd chromedriver-linux64 
sudo mv chromedriver /usr/bin

Warning

Loxs is intended for educational and ethical hacking purposes only. It should only be used to test systems you own or have explicit permission to test. Unauthorized use of third-party websites or systems without consent is illegal and unethical.