AutoRecon-XSS is a script designed for automated reconnaissance of XSS vulnerabilities. It crawls the target URL or alive domains, extracts potential vulnerable URLs, and checks them for XSS vulnerabilities.
git clone https://github.com/un9nplayer/AutoRecon-XSS.git
cd AutoRecon-XSS
chmod +x AutoRecon-XSS.sh
Installation:
subfinder: go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest
httpx : go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest
qsreplace: go install github.com/tomnomnom/qsreplace@latest
waybackurls: go install github.com/tomnomnom/waybackurls@latest
bash AutoRecon-XSS.sh <Target-URL> <Url-Recon-Year> <"XSS-Payload-you-wanna-Test">
Example:
bash AutoRecon-XSS.sh http://testphp.vulnweb.com 2000 "<script>alert(1)</script>"
You can reach out to the author via the following channels:
Please use AutoRecon-XSS responsibly and only for ethical purposes. Always adhere to legal and ethical standards when conducting security assessments or vulnerability scanning. The author and contributors of AutoRecon-XSS are not responsible for any misuse or illegal activities conducted with this tool.