【🔔】互联网资料/工具,安全性未知,需要自行研判安全性。
简介
Loxs is an easy-to-use tool that finds web issues like LFI - OR - SQLi - XSS.
Loxs | Multi Vulnerability Scanner | for web application |
---|---|---|
L | = | Local File Inclusion (LFI) |
O | = | Open Redirection (OR) |
X | = | Cross Site Scripting (XSS) |
S | = | Structured Query Language Injection (SQLi) |
Language | Packages |
---|---|
Python | Python 3.x webdriver_manager selenium aiohttp beautifulsoup4 colorama rich requests gitpython prompt_toolkit pyyaml Flask |
Features
Features | About |
---|---|
LFI Scanner | Detect Local File Inclusion vulnerabilities. |
OR Scanner | Identify Open Redirect vulnerabilities. |
SQL Scanner | Detect SQL Injection vulnerabilities. |
XSS Scanner | Identify Cross-Site Scripting vulnerabilities. |
Multi-threaded Scanning | Improved performance through multi-threading. |
Customizable Payloads | Adjust payloads to suit specific targets. |
Success Criteria | Modify success detection criteria for specific use cases. |
User-friendly CLI | Simple and intuitive command-line interface. |
Save Vulnerable URLs | Option to save vulnerable URLs to a file for future reference. |
HTML Report Generation | Generates a detailed HTML report of found vulnerabilities. |
Installation
Clone the repository
git clone https://github.com/coffinxp/loxs.git
cd loxs
Install the requirements
pip3 install -r requirements.txt
Run the Script
python3 loxs.py
Example
----
| Input Information | |
|---------------------------|-----------------------------------------------------------------------------------------|
| Input URL/File | Provide a single URL or an input file containing multiple URLs for scanning. |
| Payload File | Select or provide a custom payload file for the specific type of vulnerability scanning.|
| Success Criteria | Define patterns or strings indicating a successful exploitation attempt. |
| Concurrent Threads | Set the number of threads for multi-threaded scanning. |
| View and Save Results | Display results in real-time during the scan, and save vulnerable URLs for future use. |
----
| Customization | |
|----------------------------|------------------------------------------------------------------------------------------|
| Custom Payloads | Modify or create payload files for different vulnerability types to target specific apps.|
| Success Criteria | Adjust the tool's success patterns to more accurately detect successful exploitations. |
| Concurrent Threads | Control the number of threads used during the scan for performance optimization. |
----
Chrome Installation
wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
原文始发于微信公众号(埋藏酱油瓶):【开源工具】- Loxs 快速查找WEB风险
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论