XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing.
This tool was built to test (XSS|SSRF|CORS|SSTI|IDOR|RCE|LFI|SQLI) vulnerabilities
Example: XRCross -u/--url example.site
XRCross <arguments> example.site <arguments>
Optional Arguments:
-h --help show this help message and exit
-s --subdo Check Subdomains
-H --host Host Live Check
-sw --scrw Scraping wayback for data
-js Jsurls
-php Phpurls
-asp ASP
-html Html
-D --dir Check Dir Status Response
-r normal Check open redirection
-redirec Check redirec Parameters
-Ss --ssrf Blind SSRF testing
-xs --xss Check Parameter XSS
-cs --cors CORS misconfiguration scanner
-gf GF parameters grep
-ssti Check SSTI Parameters
-idor Check IDOR Parameters
-rce Check RCE Parameters
-lfi Check LFI Parameters
-sqli Check SQLI Parameters
-T --takeover Check Posible Takeover
-v --verbose Verbose status code
-o Outfile
Check Subdomains
XRCross -s/--subdo example.site
Host Live Check
XRCross -H/--host example.site
Scraping wayback
XRCross -sw example.site "(-js|-php|-asp|-html)"
Check Dir Status
XRCross -D/--dir example.site
Check open redirection
XRCross -r example.site "(-redirec)"
Blind SSRF testing
XRCross -Ss/--ssrf example.site
Check Parameter XSS
XRCross -xs/--xss example.site
CORS misconfiguration scanner
XRCross -cs/--cors example.site
GF parameters grep
XRCross -gf example.site "(-ssti|-idor|-rce|-lfi|-sqli)"
Check Posible Takeover
XRCross -T/--takeover example.site
Outfile
XRCross <Arguments> example.site -o File_OUT/
Verbose Status Code
XRCross -v/--verbose example.com
root@kali~# git clone https://github.com/pikpikcu/xrcross.git
root@kali~# ./install.sh
root@kali~# ./XRCross -h