Dalfox is a simple and powerful XSS scanner that helps you find Cross-Site Scripting (XSS) vulnerabilities in websites. You can scan single URLs, test multiple targets, and generate detailed scan results. It also supports parameter mining, custom payloads, and different scanning modes. It is fast, easy to use, and works directly in Termux.
Here’s what you can do with Dalfox in Termux:
- Scan websites for XSS vulnerabilities.
- Test single URLs and URL lists.
- Perform parameter mining.
- Use custom XSS payloads.
- Save scan results to a file.
- Learn web application security testing.
Install Dalfox in Termux
Below are the simple commands to install Dalfox in Termux. Copy and run each command one by one to install the tool.
Update Termux packages.
pkg update && pkg upgrade -yInstall Git and Go.
pkg install git golang -yInstall Dalfox.
go install github.com/hahwul/dalfox/v2@latestAdd the Go binary directory to your PATH.
echo 'export PATH=$PATH:$HOME/go/bin' >> ~/.bashrcReload the shell.
source ~/.bashrcCheck the installed version.
dalfox versionDalfox is now installed and ready to use.
Use Dalfox in Termux
After installing Dalfox in Termux, you can use the following commands to scan web applications for XSS vulnerabilities.
Display the help menu.
dalfox -hScan a single URL.
dalfox url "https://example.com/?q=test"Scan multiple URLs from a file.
dalfox file urls.txtScan URLs using pipeline mode.
cat urls.txt | dalfox pipeEnable deep DOM XSS scanning.
dalfox url "https://example.com/?q=test" --deep-domxssPerform only parameter discovery.
dalfox url "https://example.com" --only-discoveryUse a custom payload file.
dalfox url "https://example.com/?q=test" --custom-payload payloads.txtSave the scan results to a file.
dalfox url "https://example.com/?q=test" -o result.txtGenerate a JSON report.
dalfox url "https://example.com/?q=test" --report --report-format jsonIncrease the number of concurrent workers.
dalfox url "https://example.com/?q=test" -w 200After running the required command, Dalfox will analyze the target and display the scan results in the Termux terminal. You can also save the output to a file for later review.
End Note
Dalfox is a simple and useful tool for finding XSS vulnerabilities in websites. It is easy to use, works well in Termux, and is a great choice for learning web security and ethical hacking.

