XSS Automation
XSS Automation is a Bash script designed for bug bounty hunting and penetration testing. It automates the process of collecting and analyzing domain reconnaissance data, utilizing various tools to gather URLs, subdomains, and potential XSS vulnerabilities for a given domain.
Key Features:
- Automatic Installation: Installs necessary tools for reconnaissance and vulnerability scanning.
- Domain Data Collection: Gathers data using tools like waybackurls, gau, subfinder, and more.
- Subdomain Discovery: Identifies active subdomains with httpx.
- URL Crawling: Uses gospider, hakrawler, and katana for in-depth URL analysis.
- Path Deduplication: Normalizes and removes duplicate URLs with uro.
- Live Endpoint Check: Verifies live endpoints using httpx.
- XSS Vulnerability Detection: Uses gf and dalfox to identify potential XSS vulnerabilities.
Benefits:
- Streamlines the reconnaissance process for security professionals.
- Provides a comprehensive set of tools for effective vulnerability detection.
- Designed for educational purposes and authorized use in bug bounty programs.
Highlights:
- Ensure you have the necessary tools installed before running the script.
- Follow the prompts to perform reconnaissance on a domain and generate detailed output files.
