A sophisticated tool designed for web application security enthusiasts.
This utility specializes in identifying web page inputs and performing comprehensive XSS scanning. Whether you’re looking to uncover subdomains, analyze forms, or test for XSS vulnerabilities, X-Recon provides all the necessary functionalities to enhance your security testing efforts.
max_depth
.Note:
The scanning functionality is currently inactive on SPA (Single Page Application) web applications, and we have only tested it on websites developed with PHP, yielding remarkable results. In the future, we plan to incorporate these features into the tool.
$ git clone https://github.com/joshkar/X-Recon
$ cd X-Recon
$ python3 -m pip install -r requirements.txt
$ python3 xr.py
You can use this address in the Get URL section
http://testphp.vulnweb.com
Scan your source code and infra IaC against top security risks Betterscan is a orchestration toolchain that…
SQLRecon is a Microsoft SQL Server toolkit that is designed for offensive reconnaissance and post-exploitation.…
PoC for onMouseMove HTML file used in the Russian APT Group campaign targeting Ukraine The…
AWS CDK uses the familiarity and expressive power of programming languages for modeling your applications. It…
The docker container runtime must be used to complete some of the included scenarios. K3s…
Azure Kubernetes Services (AKS) is Microsoft's managed kubernetes offering running on Azure. Explore the robust capabilities…