This Bash script automates the process of collecting and analyzing domain reconnaissance data. It is designed for bug bounty hunting and penetration testing, utilizing various tools to gather URLs, subdomains, and potential XSS vulnerabilities for a given domain.
https://github.com/dirtycoder0124/XSS-Automation
Features
https://github.com/dirtycoder0124/XSS-Automation
Features
- Automatic Installation: Installs necessary tools for reconnaissance and vulnerability scanning.
- Domain Data Collection: Gathers data using waybackurls, gau, subfinder, and more.
- Subdomain Discovery: Identifies active subdomains with httpx.
- URL Crawling: Uses gospider, hakrawler, and katana for in-depth URL analysis.
- Path Deduplication: Normalizes and removes duplicate URLs with uro.
- Live Endpoint Check: Verifies live endpoints using httpx.
- XSS Vulnerability Detection: Uses gf and dalfox to identify potential XSS vulnerabilities.