LazyXSS is a powerful and efficient tool designed to detect Cross-Site Scripting (XSS) vulnerabilities in web applications. It supports scanning single URLs or multiple URLs from a file, allowing for customizable encoding, timeouts, and output options.
- Single URL and bulk URL testing
- Multi-threaded scanning for enhanced performance
- Customizable payload encoding levels
- Adjustable connection timeout settings
- Export scan results to a file for later analysis
- Lightweight and easy to use
To get started with LazyXSS, follow these steps:
git clone https://github.com/Iamunixtz/lazyXss.git
cd lazyXss
pip install -r requirements.txtEnsure you have Python installed before running the tool.
usage: lazyxss.py [-h] [-u URL] [-f FILE] [-t THREADS] [-e ENCODING] [-o OUTPUT] [-T TIME_SEC]-h, --helpShow the help message and exit.-u URL, --url URLSpecify a single URL to test for XSS vulnerabilities.-f FILE, --file FILEProvide a file containing a list of URLs to test.-t THREADS, --threads THREADSSet the number of threads to use (default: 5).-e ENCODING, --encoding ENCODINGDefine the number of times to encode payloads (default: 0).-o OUTPUT, --output OUTPUTSpecify a custom file name for output results (default: result.txt).-T TIME_SEC, --time-sec TIME_SECSet connection timeout in seconds (default: 10).
python lazyxss.py -u "http://example.com/search?q=test"python lazyxss.py -f urls.txtContributions are welcome! Feel free to submit issues or pull requests to help improve LazyXSS.
This tool is intended for educational and ethical testing purposes only. Use responsibly and ensure you have permission before testing any website.
Author: Iamunixtz | GitHub
