Skip to content

Automation tool to testing and confirm the xss vulnerability.

Notifications You must be signed in to change notification settings

random-robbie/LazyXss

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

GitHub issues GitHub stars GitHub license Telegram Made with Python

LazyXss

LazyXss is an automation tool designed to test and confirm XSS (Cross-Site Scripting) vulnerabilities, specifically focusing on reflected XSS in URLs.

 /$$                                     /$$   /$$                   
| $$                                    | $$  / $$                   
| $$        /$$$$$$  /$$$$$$$$ /$$   /$$|  $$/ $$/  /$$$$$$$ /$$$$$$$
| $$       |____  $$|____ /$$/| $$  | $$ \  $$$$/  /$$_____//$$_____/
| $$        /$$$$$$$   /$$$$/ | $$  | $$  >$$  $$ |  $$$$$$|  $$$$$$ 
| $$       /$$__  $$  /$$__/  | $$  | $$ /$$/\  $$ \____  $$\____  $$
| $$$$$$$$|  $$$$$$$ /$$$$$$$$|  $$$$$$$| $$  \ $$ /$$$$$$$//$$$$$$$/
|________/ \_______/|________/ \____  $$|__/  |__/|_______/|_______/ 
                               /$$  | $$                             
                              |  $$$$$$/                             
                               \______/

usage: lazyxssX5.py [-h] [-u URL] [-f FILE] [-t THREADS] [-e ENCODING] [-o OUTPUT] [-T TIME_SEC]

XSS Vulnerability Checker Tool

options:
  -h, --help            show this help message and exit
  -u URL, --url URL     Specify a single URL to test for XSS vulnerabilities.
  -f FILE, --file FILE  Specify a file containing a list of URLs to test.
  -t THREADS, --threads THREADS
                        Specify the number of threads to use (default: 5).
  -e ENCODING, --encoding ENCODING
                        Specify the number of times to encode payloads (default: 0).
  -o OUTPUT, --output OUTPUT
                        Specify a custom file name for output results (default: result.txt).
  -T TIME_SEC, --time-sec TIME_SEC
                        Specify connection timeout in seconds (default: 10).

About LazyXss 📝

LazyXss automates the process of detecting reflected XSS vulnerabilities in URLs. This tool does not scan for DOM-based XSS or other types of vulnerabilities. It focuses exclusively on reflected XSS based on the provided URL. Thank you for using LazyXss!

Lazy XSS

Features v1.1✨

  • Automated Testing: Quickly checks for reflected XSS vulnerabilities in URLs.
  • Configurable Payloads: Allows you to specify and encode payloads for testing.
  • Proxy Support: Optionally use proxies for testing to avoid detection and IP blocking.
  • Logging: Detailed logging of test results and server status.
  • Multi-Platform Support: Easy installation and setup on Windows, Debian-based, Fedora-based, and macOS systems.
  • Handle urls on file
  • Improving the proxy and encoding the payloads
  • Increase Threads for testing multliples urls
  • Command line mode

Upcoming Features 🚀

  • GUI Mode: A graphical user interface for easier configuration and use.
  • Advanced Reporting: Detailed and customizable reports of test results.

Setup LazyXss 🛠

Ensure you install the latest version of Google Chrome and the corresponding version of ChromeDriver for your device to avoid errors.

Installation Instructions

Windows

  1. Clone the Repository

    git clone https://github.com/iamunixtz/LazyXss.git
    cd LazyXss
  2. Install Dependencies

    pip install -r requirements.txt
  3. Run the Installer

    python installer.py
  4. Start LazyXss

    python LazyXss.py -h

Debian-based Systems (e.g., Ubuntu)

  1. Update and Upgrade Packages

    sudo apt update && sudo apt upgrade
  2. Install Dependencies

    sudo apt install git python3-pip
    git clone https://github.com/iamunixtz/LazyXss.git
    cd LazyXss
    pip3 install -r requirements.txt
  3. Run the Installer

    python3 installer.py
  4. Start LazyXss

    python3 LazyXss.py -h 

Fedora-based Systems

  1. Update Packages

    sudo dnf update
  2. Install Dependencies

    sudo dnf install git python3-pip
    git clone https://github.com/iamunixtz/LazyXss.git
    cd LazyXss
    pip3 install -r requirements.txt
  3. Run the Installer

    python3 installer.py
  4. Start LazyXss

    python3 LazyXss.py

macOS

  1. Install Homebrew (if not already installed)

    /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
  2. Install Dependencies

    brew install git python
    git clone https://github.com/iamunixtz/LazyXss.git
    cd LazyXss
    pip3 install -r requirements.txt
  3. Run the Installer

    python3 installer.py
  4. Start LazyXss

    python3 LazyXss.py

Contributions and Feedback 🤧

If you encounter any issues or have suggestions for improvements, please share them with us. Contributions are always welcome!

Warning ⚠️

Running LazyXss may consume significant CPU resources. Ensure you are using a machine with adequate performance to avoid potential slowdowns or crashes. It is not recommended for use on low-specification systems.

About

Automation tool to testing and confirm the xss vulnerability.

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Python 100.0%