Metadata-Version: 2.4
Name: quickxss
Version: 3.0.0
Summary: Automate XSS workflows with waybackurls, gau, gf, and dalfox.
Author: theinfosecguy
License: MIT License
        
        Copyright (c) 2021 Keshav Malik
        
        Permission is hereby granted, free of charge, to any person obtaining a copy
        of this software and associated documentation files (the "Software"), to deal
        in the Software without restriction, including without limitation the rights
        to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
        copies of the Software, and to permit persons to whom the Software is
        furnished to do so, subject to the following conditions:
        
        The above copyright notice and this permission notice shall be included in all
        copies or substantial portions of the Software.
        
        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
        SOFTWARE.
        
Requires-Python: >=3.12
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: typer>=0.12.0
Requires-Dist: pyfiglet>=1.0.2
Provides-Extra: dev
Requires-Dist: pytest>=8.0.0; extra == "dev"
Requires-Dist: isort>=5.13.0; extra == "dev"
Requires-Dist: ruff>=0.6.0; extra == "dev"
Dynamic: license-file

# QuickXSS

Automate your XSS workflow by chaining **waybackurls**, **gau**, **gf**, and **dalfox**.

## Requirements

QuickXSS orchestrates external tools. Install these first:

- Python 3.12+

- [gf](https://github.com/tomnomnom/gf)
- [Gf-Patterns](https://github.com/1ndianl33t/Gf-Patterns)
- [dalfox](https://github.com/hahwul/dalfox)
- [waybackurls](https://github.com/tomnomnom/waybackurls)
- [gau](https://github.com/lc/gau)

Example (Go-based installs):

```bash
go install github.com/tomnomnom/gf@latest
go install github.com/tomnomnom/waybackurls@latest
go install github.com/hahwul/dalfox/v2@latest
go install github.com/lc/gau@latest

mkdir -p ~/.gf
git clone https://github.com/tomnomnom/gf /tmp/gf
cp -r /tmp/gf/examples/* ~/.gf/

git clone https://github.com/1ndianl33t/Gf-Patterns /tmp/Gf-Patterns
cp -r /tmp/Gf-Patterns/*.json ~/.gf/
```

## Install QuickXSS

Recommended with `pipx`:

```bash
pipx install .
```

Or with `pip`:

```bash
pip install .
```

## Usage

```bash
quickxss scan -d example.com
quickxss scan -d example.com -b blind.xss.ht
quickxss scan -d example.com -o results.txt
```

## Setup

Check dependencies:

```bash
quickxss setup
```

Install missing dependencies (macOS/Linux with brew/apt):

```bash
quickxss setup --install
```

On Windows, `setup` is check-only and prints manual install commands.

## Docker

Build and run using Docker:

```bash
docker build -t quickxss .
docker run --rm -it quickxss scan -d example.com
```

## Output

Results are stored under `results/<domain>/` by default:

- `<domain>.txt` (raw URL collection)
- `<domain>_temp_xss.txt` (gf output before de-dup)
- `<domain>_xss.txt` (candidate URLs)
- `results.txt` (dalfox output; always created)

## Development

Run tests:

```bash
pytest
```

Integration tests (requires external tools + network):

```bash
QUICKXSS_INTEGRATION=1 pytest -m integration
```

Sort imports:

```bash
isort quickxss tests
```

## License

MIT
