xss.sh is the automation of the following work
- subfinder -d indeed.com -o indeed.txt //Find Subdomains
- httpx -l subdomains.txt -o httpx.txt // Live Subdomains
- echo "indeed.com" | gau --threads 5 >> Enpoints.txt // Find Endpoints
- cat httpx.txt | katana -jc >> Enpoints.txt // Find More Endpoints
- cat Enpoints.txt | uro >> Endpoints_F.txt // Remove Duplicates
- cat Endpoints_F.txt | gf xss >> XSS.txt // Filter Endpoints for XSS
- cat XSS.txt | Gxss -p khXSS -o XSS_Ref.txt // Find reflected Parameters
- dalfox file XSS_Ref.txt -o Vulnerable_XSS.txt // Find XSS
Usage: ./xss.sh
Automatically Save all XSS results in Vulnerable_XSS.txt.
