mirror of
https://github.com/Ed1s0nZ/CyberStrikeAI.git
synced 2026-03-31 16:20:28 +02:00
75 lines
1.6 KiB
YAML
75 lines
1.6 KiB
YAML
name: "dalfox"
|
||
command: "dalfox"
|
||
enabled: true
|
||
|
||
short_description: "高级XSS漏洞扫描器"
|
||
|
||
description: |
|
||
Dalfox是一个高级XSS漏洞扫描器,支持多种XSS检测技术。
|
||
|
||
**主要功能:**
|
||
- XSS漏洞检测
|
||
- 盲XSS测试
|
||
- DOM挖掘
|
||
- 字典挖掘
|
||
|
||
**使用场景:**
|
||
- XSS漏洞测试
|
||
- Web应用安全测试
|
||
- Bug bounty侦察
|
||
- 安全测试
|
||
|
||
parameters:
|
||
- name: "url"
|
||
type: "string"
|
||
description: "目标URL"
|
||
required: true
|
||
flag: "-u"
|
||
format: "flag"
|
||
|
||
- name: "pipe_mode"
|
||
type: "bool"
|
||
description: "使用管道模式输入"
|
||
required: false
|
||
flag: "--pipe"
|
||
format: "flag"
|
||
default: false
|
||
|
||
- name: "blind"
|
||
type: "bool"
|
||
description: "启用盲XSS测试"
|
||
required: false
|
||
flag: "-b"
|
||
format: "flag"
|
||
default: false
|
||
|
||
- name: "mining_dom"
|
||
type: "bool"
|
||
description: "启用DOM挖掘"
|
||
required: false
|
||
flag: "--mining-dom"
|
||
format: "flag"
|
||
default: true
|
||
|
||
- name: "mining_dict"
|
||
type: "bool"
|
||
description: "启用字典挖掘"
|
||
required: false
|
||
flag: "--mining-dict"
|
||
format: "flag"
|
||
default: true
|
||
|
||
- name: "additional_args"
|
||
type: "string"
|
||
description: |
|
||
额外的dalfox参数。用于传递未在参数列表中定义的dalfox选项。
|
||
|
||
**示例值:**
|
||
- 根据工具特性添加常用参数示例
|
||
|
||
**注意事项:**
|
||
- 多个参数用空格分隔
|
||
- 确保参数格式正确,避免命令注入
|
||
- 此参数会直接追加到命令末尾
|
||
required: false
|
||
format: "positional" |