XSStrike in Termux – Installation, Usage & Basic Commands

XSStrike is an advanced XSS detection and penetration testing tool that is used to find cross-site scripting vulnerabilities in websites and web applications. It includes intelligent payload generation, crawling, fuzzing, parameter testing, and WAF detection features for web security testing tasks. It analyzes web applications and helps identify XSS vulnerabilities by generating intelligent payloads and testing how the target responds.

Installation Commands

Update Termux and install required packages:

pkg update && pkg upgrade && pkg install git python -y

Clone the official GitHub repository:

git clone https://github.com/s0md3v/XSStrike.git

Move into the XSStrike directory:

cd XSStrike

Install required Python modules:

pip install -r requirements.txt

Fix urllib3 compatibility issue (important):

pip uninstall urllib3 && pip install "urllib3<2"

Install pip fuzzywuzzy module:

python3 -m pip install fuzzywuzzy

Verify installation:

python xsstrike.py -h

Usage Commands

Scan a URL for XSS vulnerabilities:

python xsstrike.py -u https://example.com

Scan a URL with parameters:

python xsstrike.py -u "https://example.com/search?q=test"

Crawl a website and test discovered pages:

python xsstrike.py -u https://example.com --crawl

Use custom headers:

python xsstrike.py -u https://example.com --headers

Test using POST request:

python xsstrike.py -u https://example.com/login --data "username=test&password=test"

Save output results to a file:

python xsstrike.py -u https://example.com -o result.txt

Show help and all available options:

python xsstrike.py -h
SHARE THIS POST: