coffinxp / loxs

Best tool for finding SQLi, CRLF, XSS, LFI, Open Redirect

XSS scanner fails to discover injection #53

Closed souilos closed 2 weeks ago

souilos commented 2 weeks ago

Hey! Thanks for the update, guys 🙂

I just edited the script for my payloads to not be encoded from xss.txt but it still fails to detect when it's vulnerable...

HexShad0w commented 2 weeks ago

Hello,

The problem may be due to the timeout you have set. Try setting it to 5 - 10; the default one is for a quick scan, but when the site is a bit slow it may cause false negatives.

Thank you for your feedback!

hexsh1dow

souilos commented 2 weeks ago

Hey @HexShad0w, thanks for your answer!

The issue is still present even with timeout set at 10... Can we chat on TG so we can fix it?

The exact same payload is not working with the tool, I am sure it could miss other injections then..

https://t.me/souilos