Dalfox in Termux – Installation & Usage Commands

Dalfox is a simple and powerful XSS scanner that helps you find Cross-Site Scripting (XSS) vulnerabilities in websites. You can scan single URLs, test multiple targets, and generate detailed scan results. It also supports parameter mining, custom payloads, and different scanning modes. It is fast, easy to use, and works directly in Termux.

Here’s what you can do with Dalfox in Termux:

  • Scan websites for XSS vulnerabilities.
  • Test single URLs and URL lists.
  • Perform parameter mining.
  • Use custom XSS payloads.
  • Save scan results to a file.
  • Learn web application security testing.

Install Dalfox in Termux

Below are the simple commands to install Dalfox in Termux. Copy and run each command one by one to install the tool.

Update Termux packages.

pkg update && pkg upgrade -y

Install Git and Go.

pkg install git golang -y

Install Dalfox.

go install github.com/hahwul/dalfox/v2@latest

Add the Go binary directory to your PATH.

echo 'export PATH=$PATH:$HOME/go/bin' >> ~/.bashrc

Reload the shell.

source ~/.bashrc

Check the installed version.

dalfox version

Dalfox is now installed and ready to use.

Use Dalfox in Termux

After installing Dalfox in Termux, you can use the following commands to scan web applications for XSS vulnerabilities.

Display the help menu.

dalfox -h

Scan a single URL.

dalfox url "https://example.com/?q=test"

Scan multiple URLs from a file.

dalfox file urls.txt

Scan URLs using pipeline mode.

cat urls.txt | dalfox pipe

Enable deep DOM XSS scanning.

dalfox url "https://example.com/?q=test" --deep-domxss

Perform only parameter discovery.

dalfox url "https://example.com" --only-discovery

Use a custom payload file.

dalfox url "https://example.com/?q=test" --custom-payload payloads.txt

Save the scan results to a file.

dalfox url "https://example.com/?q=test" -o result.txt

Generate a JSON report.

dalfox url "https://example.com/?q=test" --report --report-format json

Increase the number of concurrent workers.

dalfox url "https://example.com/?q=test" -w 200

After running the required command, Dalfox will analyze the target and display the scan results in the Termux terminal. You can also save the output to a file for later review.

End Note

Dalfox is a simple and useful tool for finding XSS vulnerabilities in websites. It is easy to use, works well in Termux, and is a great choice for learning web security and ethical hacking.

SHARE THIS POST: