mirror of
https://github.com/Ed1s0nZ/CyberStrikeAI.git
synced 2026-05-27 17:52:28 +02:00
公明
75 lines
1.6 KiB
YAML
75 lines
1.6 KiB
YAML
name: "dalfox"
|
|
command: "dalfox"
|
|
enabled: true
|
|
|
|
short_description: "高级XSS漏洞扫描器"
|
|
|
|
description: |
|
|
Dalfox是一个高级XSS漏洞扫描器,支持多种XSS检测技术。
|
|
|
|
**主要功能:**
|
|
- XSS漏洞检测
|
|
- 盲XSS测试
|
|
- DOM挖掘
|
|
- 字典挖掘
|
|
|
|
**使用场景:**
|
|
- XSS漏洞测试
|
|
- Web应用安全测试
|
|
- Bug bounty侦察
|
|
- 安全测试
|
|
|
|
parameters:
|
|
- name: "url"
|
|
type: "string"
|
|
description: "目标URL"
|
|
required: true
|
|
flag: "-u"
|
|
format: "flag"
|
|
|
|
- name: "pipe_mode"
|
|
type: "bool"
|
|
description: "使用管道模式输入"
|
|
required: false
|
|
flag: "--pipe"
|
|
format: "flag"
|
|
default: false
|
|
|
|
- name: "blind"
|
|
type: "bool"
|
|
description: "启用盲XSS测试"
|
|
required: false
|
|
flag: "-b"
|
|
format: "flag"
|
|
default: false
|
|
|
|
- name: "mining_dom"
|
|
type: "bool"
|
|
description: "启用DOM挖掘"
|
|
required: false
|
|
flag: "--mining-dom"
|
|
format: "flag"
|
|
default: true
|
|
|
|
- name: "mining_dict"
|
|
type: "bool"
|
|
description: "启用字典挖掘"
|
|
required: false
|
|
flag: "--mining-dict"
|
|
format: "flag"
|
|
default: true
|
|
|
|
- name: "additional_args"
|
|
type: "string"
|
|
description: |
|
|
额外的dalfox参数。用于传递未在参数列表中定义的dalfox选项。
|
|
|
|
**示例值:**
|
|
- 根据工具特性添加常用参数示例
|
|
|
|
**注意事项:**
|
|
- 多个参数用空格分隔
|
|
- 确保参数格式正确,避免命令注入
|
|
- 此参数会直接追加到命令末尾
|
|
required: false
|
|
format: "positional" |