Example Usage
Usage of xssrecon:
  -c, --concurrent int           Number of concurrent workers for processing URLs (default: 50)
  -H, --user-agent string        Custom User-Agent header for HTTP requests. (default "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36")
  -s, --skipspecialchar          Only check rix4uni in response and move to next url, skip checking special characters.
  -t, --timeout int              Timeout for HTTP requests in seconds. (default 15)
      --chromedp-concurrent int  Number of concurrent ChromeDP browser instances (default 5)
      --chromedp-timeout int     ChromeDP page rendering timeout in seconds (default 30)
      --no-chromedp              Disable ChromeDP fallback
      --json                     Output results in JSON format.
      --no-color                 Do not use colored output.
      --silent                   silent mode.
      --specialchar string       Custom special characters to test (single char or comma-separated, e.g., '<' or '<, >'). Cannot be used with --skipspecialchar.
      --verbose                  Enable verbose output for debugging purposes.
      --version
See also
xhunter
Free

Android Penetration Tool [ RAT for Android ]…
1earn
Free

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup…
ntlm_theft
Open Source

Creates malicious files (LNK, SCF, PDF, DOCX, etc.) that force a Windows system to authenticate to a…
Pentest-Swarm-AI
Open Source

Autonomous penetration testing using a swarm of AI agents. Orchestrates recon, classification, explo…
xurlfind3r
Open Source

A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It w…
ffuf
Open Source Kali

Fast web fuzzer written in Go. Supports directory discovery, parameter fuzzing, virtual host discove…