LazyXss is an automation tool designed to test and confirm XSS (Cross-Site Scripting) vulnerabilities, specifically focusing on reflected XSS in URLs.
/$$ /$$ /$$
| $$ | $$ / $$
| $$ /$$$$$$ /$$$$$$$$ /$$ /$$| $$/ $$/ /$$$$$$$ /$$$$$$$
| $$ |____ $$|____ /$$/| $$ | $$ \ $$$$/ /$$_____//$$_____/
| $$ /$$$$$$$ /$$$$/ | $$ | $$ >$$ $$ | $$$$$$| $$$$$$
| $$ /$$__ $$ /$$__/ | $$ | $$ /$$/\ $$ \____ $$\____ $$
| $$$$$$$$| $$$$$$$ /$$$$$$$$| $$$$$$$| $$ \ $$ /$$$$$$$//$$$$$$$/
|________/ \_______/|________/ \____ $$|__/ |__/|_______/|_______/
/$$ | $$
| $$$$$$/
\______/
usage: lazyxssX5.py [-h] [-u URL] [-f FILE] [-t THREADS] [-e ENCODING] [-o OUTPUT] [-T TIME_SEC]
XSS Vulnerability Checker Tool
options:
-h, --help show this help message and exit
-u URL, --url URL Specify a single URL to test for XSS vulnerabilities.
-f FILE, --file FILE Specify a file containing a list of URLs to test.
-t THREADS, --threads THREADS
Specify the number of threads to use (default: 5).
-e ENCODING, --encoding ENCODING
Specify the number of times to encode payloads (default: 0).
-o OUTPUT, --output OUTPUT
Specify a custom file name for output results (default: result.txt).
-T TIME_SEC, --time-sec TIME_SEC
Specify connection timeout in seconds (default: 10).
LazyXss automates the process of detecting reflected XSS vulnerabilities in URLs. This tool does not scan for DOM-based XSS or other types of vulnerabilities. It focuses exclusively on reflected XSS based on the provided URL. Thank you for using LazyXss!
- Automated Testing: Quickly checks for reflected XSS vulnerabilities in URLs.
- Configurable Payloads: Allows you to specify and encode payloads for testing.
- Proxy Support: Optionally use proxies for testing to avoid detection and IP blocking.
- Logging: Detailed logging of test results and server status.
- Multi-Platform Support: Easy installation and setup on Windows, Debian-based, Fedora-based, and macOS systems.
- Handle urls on file
- Improving the proxy and encoding the payloads
- Increase Threads for testing multliples urls
- Command line mode
- GUI Mode: A graphical user interface for easier configuration and use.
- Advanced Reporting: Detailed and customizable reports of test results.
Ensure you install the latest version of Google Chrome and the corresponding version of ChromeDriver for your device to avoid errors.
-
Clone the Repository
git clone https://github.com/iamunixtz/LazyXss.git cd LazyXss -
Install Dependencies
pip install -r requirements.txt
-
Run the Installer
python installer.py
-
Start LazyXss
python LazyXss.py -h
-
Update and Upgrade Packages
sudo apt update && sudo apt upgrade -
Install Dependencies
sudo apt install git python3-pip git clone https://github.com/iamunixtz/LazyXss.git cd LazyXss pip3 install -r requirements.txt -
Run the Installer
python3 installer.py
-
Start LazyXss
python3 LazyXss.py -h
-
Update Packages
sudo dnf update
-
Install Dependencies
sudo dnf install git python3-pip git clone https://github.com/iamunixtz/LazyXss.git cd LazyXss pip3 install -r requirements.txt -
Run the Installer
python3 installer.py
-
Start LazyXss
python3 LazyXss.py
-
Install Homebrew (if not already installed)
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" -
Install Dependencies
brew install git python git clone https://github.com/iamunixtz/LazyXss.git cd LazyXss pip3 install -r requirements.txt -
Run the Installer
python3 installer.py
-
Start LazyXss
python3 LazyXss.py
If you encounter any issues or have suggestions for improvements, please share them with us. Contributions are always welcome!
Running LazyXss may consume significant CPU resources. Ensure you are using a machine with adequate performance to avoid potential slowdowns or crashes. It is not recommended for use on low-specification systems.