Skip to content
Related Articles

Related Articles

Improve Article

DalFox – Parameter Analysis and XSS Scanning tool

  • Last Updated : 28 Jul, 2021
Geek Week

Dalfox tool is a fast, parameter analysis and Cross-site Scripting (XSS) scanner tool based on a DOM(Document Object Model) parser. The XSS Dalfox has some additional features that test for SQL injection(SQLi), Server-Side Template Injection(SSTI), and open-redirects. Dalfox is a Golang language-based tool. Dalfox is also capable of finding reflected, stored, and blind XSS on the target web application. The basic concept is to analyze parameters, find XSS, and verify them based on the DOM Parser.

Key Features:

  • Dalfox does Parameter Analysis to find reflected parameters.
  • Dalfox finds free/evil characters and makes Identification of injection point
  • Dalfox does static Analysis, checks for bad-headers like CSP, X-Frame Options, etc.
  • Dalfox does optimization queries for payloads, checks the injection point through abstraction, and generates a fitted payload.
  • Dalfox eliminates unnecessary payloads based on wrong char.

Installation of Dalfox Tool in Kali Linux 

Step 1: Update the Package lists using the following command.

sudo apt update

Step 2: Install the snapd on Kali Linux using the following command.



sudo apt install snapd

Step 3: Enable and start both the snapd and the snapd.apparmor services with the following command.

systemctl enable --now snapd apparmor

Step 4: Install Dalfox using snapd. Use the following command.

sudo snap install dalfox

Step 5: Check the help page for Dalfox tools for better understanding. Use the following command

dalfox --help

Working with Dalfox

Example 1: Single Target Mode



Now, we have successfully installed Dalfox on our system. Now it’s time to actually work with Dalfox.

dalfox url http://testphp.vulnweb.com/listproducts.php\?cat\=123\&artist\=123\&asdf\=ff -b https://hahwul.xss.ht

1. From the screenshot below, you can see vulnerable parameters are detected along with the payload.

2. We have found DOM Object XSS. Payload is also designed by the tool itself.

<img/src/onerror=.1|alert`` class=dalfox>

3. Now, we will copy the full address link at which XSS is triggered.

http://testphp.vulnweb.com/listproducts.php?artist=123&asdf=ff&cat=123%22%3E%3Cimg%2Fsrc%2Fonerror%3D.1%7Calert%60%60+class%3Ddalfox%3E



4. Pasting the link address in the Web Browser to check if an XSS is a Popup or not. 

Example 2: Multiple target mode from file

1. We have Multiple Targets URL in targets.txt.

2. XSS is detected on one of the target URL, now we are just copying the link to verify whether XSS Popups triggers or not.

3. Copying the URL in Browser triggers XSS 

Example 3: Pipeline mode

1. We have used dalfox pipeline command with assetfinder and gau tool.

2. We have Detected XSS on one of the parameters of testphp.vulnweb.com.

By running these commands, you can find any type of XSS in your target domain.

My Personal Notes arrow_drop_up
Recommended Articles
Page :