LazyXss is an automation tool designed to test and confirm Cross-Site Scripting (XSS) vulnerabilities, specifically focusing on reflected XSS in URLs.
    usage: lazyxssX5.py [-h] [-u URL] [-f FILE] [-t THREADS] [-e ENCODING] [-o OUTPUT] [-T TIME_SEC]

    XSS Vulnerability Checker Tool

    options:
      -h, --help            show this help message and exit
      -u URL, --url URL     Specify a single URL to test for XSS vulnerabilities.
      -f FILE, --file FILE  Specify a file containing a list of URLs to test.
      -t THREADS, --threads THREADS
                            Specify the number of threads to use (default: 5).
      -e ENCODING, --encoding ENCODING
                            Specify the number of times to encode payloads (default: 0).
      -o OUTPUT, --output OUTPUT
                            Specify a custom file name for output results (default: result.txt).
      -T TIME_SEC, --time-sec TIME_SEC
                            Specify connection timeout in seconds (default: 10).

LazyXss automates the process of detecting reflected XSS vulnerabilities in URLs. This tool is specifically designed for testing reflected XSS and does not detect DOM-based XSS or other types of vulnerabilities. Thank you for using LazyXss!
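The difference between reflected and DOM-based XSS noted above can be seen in what the server sends back. The following is an added example, not LazyXss code: it classifies how an inert marker sent in a URL parameter appears in a response body. The marker, the function names, the `/search?q=` endpoint and the sample pages are all constructed for illustration.

```python
import html

# Constructed, inert marker: HTML metacharacters around a unique token, no script.
PROBE = "zq7\"<x>'zq7"


def classify_reflection(body: str, probe: str = PROBE) -> str:
    """Report how a probe sent in a URL parameter appears in the response body."""
    if probe in body:
        return "raw"               # < > " ' all survived: no output encoding
    if html.escape(probe, quote=False) in body:
        return "quotes-unencoded"  # fine as element text, unsafe inside an attribute
    if html.escape(probe, quote=True) in body:
        return "encoded"           # reflected, but neutralised by HTML encoding
    return "absent"                # not present in the server's HTML at all


# Constructed response bodies for a hypothetical /search?q=<probe> endpoint.
SAMPLES = {
    "unencoded": f"<p>Results for {PROBE}</p>",
    "attribute": f'<input name="q" value="{html.escape(PROBE, quote=False)}">',
    "fixed": f"<p>Results for {html.escape(PROBE)}</p>",
    # DOM-based case: client-side script reads location.hash, which the browser
    # never sends to the server, so the response cannot contain the probe.
    "dom_based": "<script>out.innerHTML = decodeURIComponent(location.hash.slice(1))</script>",
}


def report() -> dict:
    """Classify every constructed sample page."""
    return {name: classify_reflection(body) for name, body in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in report().items():
        print(f"{name:10} {verdict}")
```

The `dom_based` sample comes back as `absent` because the injection happens in the browser after the response is delivered, which is why inspecting server responses alone says nothing about DOM-based XSS.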
- Automated Testing: Quickly checks for reflected XSS vulnerabilities in URLs.
- Configurable Payloads: Allows you to specify and encode payloads for testing.
- Proxy Support: Optionally use proxies to test while avoiding detection and IP blocking.
- Logging: Detailed logging of test results and server status.
- Multi-Platform Support: Easy installation and setup on Windows, Debian-based, Fedora-based, and macOS systems.
- File-based URL Handling: Supports URL lists from files.
- Improved Proxy Handling and Payload Encoding: Advanced configuration for better testing performance.
- Increased Threading: Supports multithreading for faster testing of multiple URLs.
- Command-line Interface: Simple and effective CLI for ease of use.
- GUI Mode: A graphical user interface for easier configuration and usage.
- Advanced Reporting: Customizable and detailed reports of test results.
Before using LazyXss, ensure that Google Chrome and the corresponding ChromeDriver are installed on your system.

Windows:

- Clone the Repository
      git clone https://github.com/iamunixtz/LazyXss.git
      cd LazyXss
- Install Dependencies
      pip install -r requirements.txt
- Run the Installer
      python installer.py
- Start LazyXss
      python LazyXss.py -h

Debian-based systems:

- Update and Upgrade Packages
      sudo apt update && sudo apt upgrade
- Install Dependencies
      sudo apt install git python3-pip
      git clone https://github.com/iamunixtz/LazyXss.git
      cd LazyXss
      pip3 install -r requirements.txt
- Run the Installer
      python3 installer.py
- Start LazyXss
      python3 LazyXss.py -h

Fedora-based systems:

- Update Packages
      sudo dnf update
- Install Dependencies
      sudo dnf install git python3-pip
      git clone https://github.com/iamunixtz/LazyXss.git
      cd LazyXss
      pip3 install -r requirements.txt
- Run the Installer
      python3 installer.py
- Start LazyXss
      python3 LazyXss.py

macOS:

- Install Homebrew (if not already installed)
      /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
- Install Dependencies
      brew install git python
      git clone https://github.com/iamunixtz/LazyXss.git
      cd LazyXss
      pip3 install -r requirements.txt
- Run the Installer
      python3 installer.py
- Start LazyXss
      python3 LazyXss.py

If you encounter any issues or have suggestions for improvements, feel free to open an issue or submit a pull request. Contributions are highly encouraged!
Running LazyXss may consume significant CPU resources. Ensure your system has sufficient performance to avoid potential slowdowns or crashes. It is not recommended for use on low-specification systems.