You're viewing an older version of this GitHub Action. Do you want to see the latest version instead?
GitHub Action
XSS Scan with Dalfox
v1.0.1
- name: Dalfox scan
uses: hahwul/action-dalfox@main
id: xss-result
with:
target: 'https://www.hahwul.com'
mode: url
cmd_options: '--follow-redirects'- Modes:
urlpipefilesxss - Options: https://github.com/hahwul/dalfox#usage
Send slack/github issue/Submit JIRA, etc.. with found-action option
- name: Dalfox scan
uses: hahwul/action-dalfox@main
id: xss-result
with:
target: 'https://www.hahwul.com'
mode: url
cmd_options: '--found-action "curl -i -k"https://hooks.your.system"'
- run: echo "XSS result - ${{ steps.xss-result.outputs.result }}"- Found-Action: https://github.com/hahwul/dalfox/wiki/Found-action
xss.yaml
on: [push]
jobs:
dalfox_scan:
runs-on: ubuntu-latest
name: XSS Scanning
steps:
- name: Checkout
uses: actions/checkout@v2
with:
ref: master
- name: Dalfox scan
uses: hahwul/action-dalfox@main
id: xss-result
with:
target: 'https://xss-game.appspot.com/level1/frame'
mode: url
cmd_options: '--follow-redirects'xss.yaml
on: [push]
jobs:
dalfox_scan:
runs-on: ubuntu-latest
name: XSS Scanning
steps:
- name: Checkout
uses: actions/checkout@v2
with:
ref: master
- name: Dalfox scan
uses: hahwul/action-dalfox@main
id: xss-result
with:
target: 'https://xss-game.appspot.com/level1/frame\nhttps://www.hahwul.com?q=1234'
mode: pipe