Finding Automated Cross-site Scripting
Finding Automated Cross-site Scripting Installing the Tools- https://github.com/devanshbatham/ParamSpider https://github.com/hahwul/dalfox Running the Tools- python3 paramspider.py -d xyz.com > test.txt type test.txt | Gxss -p xss| dalfox pipe --mining-dict params.txt Other Way To Find XSS using GF Tool- echo "target.com" | waybackurls | tee results.txt cat results.txt | gf xss | sed 's/=.*/=/' | sed 's/URL: //' | tee results1.txt dalfox file results1.txt pipe Installing the Tools- https://github.com/tomnomnom/gf https://github.com/1ndianl33t/Gf-Patterns https://github.com/KathanP19/Gxss https://github.com/hahwul/dalfox Installing Gf Tool in Ubuntu- (use root permission) type this in terminal cd go export GOPATH=/root/go echo 'source $GOPATH/src/github.com/tomnomnom/gf/gf-completion.bash' >> ~/.bashrc cp -r $GOPATH/src/github.com/tomnomnom/gf/examples ~/.gf it should be something like this: /root/go/src/github.com/tomnomnom/gf/gf-completion.b