QuickXSS

Automate XSS discovery by chaining waybackurls, gau, gf, and dalfox.

Quick Start

pip install quickxss
quickxss setup --install      # Auto-install gf, dalfox, waybackurls, gau
quickxss scan -d testphp.vulnweb.com

Installation

pip install quickxss

Or with pipx:

pipx install quickxss

Usage

quickxss scan -d testphp.vulnweb.com                    # Basic scan
quickxss scan -d testphp.vulnweb.com -b blind.xss.ht    # With blind XSS callback
quickxss scan -d testphp.vulnweb.com -o results.txt     # Custom output name
quickxss setup                                          # Check dependencies
quickxss setup --install                                # Auto-install missing deps

Docker

docker build -t quickxss .
docker run --rm -it quickxss scan -d testphp.vulnweb.com

Output

Results saved to results/<domain>/:

File	Description
<domain>.txt	Raw URL collection
<domain>_xss.txt	Candidate URLs for testing
results.txt	Dalfox findings

Development

pytest                                    # Run tests
QUICKXSS_INTEGRATION=1 pytest -m integration  # Integration tests
make isort                                # Sort imports
make lint                                 # Run linter

License

MIT