Loxs 快速查找WEB风险

admin 2024年10月29日00:35:35评论31 views字数 2265阅读7分33秒阅读模式

【🔔】互联网资料/工具,安全性未知,需要自行研判安全性。

Loxs 快速查找WEB风险

简介

Loxs is an easy-to-use tool that finds web issues like LFI - OR - SQLi - XSS.

Loxs Multi Vulnerability Scanner for web application
L = Local File Inclusion (LFI)
O = Open Redirection (OR)
X = Cross Site Scripting (XSS)
S = Structured Query Language Injection (SQLi)
Language Packages
Python Python 3.x webdriver_manager selenium aiohttp beautifulsoup4 colorama rich requests gitpython prompt_toolkit pyyaml Flask

Features

Features About
LFI Scanner Detect Local File Inclusion vulnerabilities.
OR Scanner Identify Open Redirect vulnerabilities.
SQL Scanner Detect SQL Injection vulnerabilities.
XSS Scanner Identify Cross-Site Scripting vulnerabilities.
Multi-threaded Scanning Improved performance through multi-threading.
Customizable Payloads Adjust payloads to suit specific targets.
Success Criteria Modify success detection criteria for specific use cases.
User-friendly CLI Simple and intuitive command-line interface.
Save Vulnerable URLs Option to save vulnerable URLs to a file for future reference.
HTML Report Generation Generates a detailed HTML report of found vulnerabilities.

Installation

Clone the repository

git clone https://github.com/coffinxp/loxs.git
cd loxs

Install the requirements

pip3 install -r requirements.txt

Run the Script

python3 loxs.py

Loxs 快速查找WEB风险

Example

Loxs 快速查找WEB风险

Loxs 快速查找WEB风险

Loxs 快速查找WEB风险

Loxs 快速查找WEB风险

----
| Input Information         |                                                                                         |
|---------------------------|-----------------------------------------------------------------------------------------|
| Input URL/File            | Provide a single URL or an input file containing multiple URLs for scanning.            |
| Payload File              | Select or provide a custom payload file for the specific type of vulnerability scanning.|
| Success Criteria          | Define patterns or strings indicating a successful exploitation attempt.                |
| Concurrent Threads        | Set the number of threads for multi-threaded scanning.                                  |
| View and Save Results     | Display results in real-time during the scan, and save vulnerable URLs for future use.  |
----

| Customization              |                                                                                          |
|----------------------------|------------------------------------------------------------------------------------------|
| Custom Payloads            | Modify or create payload files for different vulnerability types to target specific apps.|
| Success Criteria           | Adjust the tool's success patterns to more accurately detect successful exploitations.   |
| Concurrent Threads         | Control the number of threads used during the scan for performance optimization.         |
----

Chrome Installation‍‍

wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

原文始发于微信公众号(埋藏酱油瓶):【开源工具】- Loxs 快速查找WEB风险

  • 左青龙
  • 微信扫一扫
  • weinxin
  • 右白虎
  • 微信扫一扫
  • weinxin
admin
  • 本文由 发表于 2024年10月29日00:35:35
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                   Loxs 快速查找WEB风险https://cn-sec.com/archives/3313947.html

发表评论

匿名网友 填写信息