Dalfox

TRENDINGVERIFIED

Powerful XSS scanning and parameter analysis tool

Web Application HackingOSS

Intermediate

LinuxWindowsmacOS

Description

Dalfox is a powerful open-source XSS scanner and parameter analysis tool written in Go. It focuses on finding reflected and stored XSS vulnerabilities using DOM analysis, parameter mining, static analysis, and smart payload selection with verification of true positives.

Use Cases

Detect reflected and stored XSS vulnerabilities automatically
Mine parameters from web archives for XSS testing
Integrate XSS scanning into bug bounty automation pipelines

Attack Phases

01. RECON

02. SCAN

03. EXPLOIT

04. PERSIST

05. COVER

MITRE ATT&CK Techniques (2)

T1059.007JavaScript(Execution)

Related Tools (2)

Burp Suite ffuf