[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-11309":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":15,"stars7d":17,"stars30d":18,"stars90d":16,"forks30d":16,"starsTrendScore":19,"compositeScore":20,"rankGlobal":10,"rankLanguage":10,"license":21,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":22,"hasPages":24,"topics":25,"createdAt":10,"pushedAt":10,"updatedAt":39,"readmeContent":40,"aiSummary":41,"trendingCount":16,"starSnapshotCount":16,"syncStatus":42,"lastSyncTime":43,"discoverSource":44},11309,"dalfox","hahwul\u002Fdalfox","hahwul","🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.","https:\u002F\u002Fdalfox.hahwul.com",null,"Rust",5054,534,54,1,0,9,79,7,39.19,"MIT License",false,"main",true,[26,27,28,29,30,31,32,33,34,35,36,37,38],"bugbounty","bugbounty-tool","cicd-pipeline","devsecops","golang","hacktoberfest","security","vulnerability","xss","xss-bruteforce","xss-detection","xss-exploit","xss-scanner","2026-06-12 02:02:30","\u003Cdiv align=\"center\">\n  \u003Cbr>\n  \u003Cimg src=\"docs\u002Fstatic\u002Fimages\u002Flogo.png\" alt=\"dalfox\" width=\"400px;\">\n\u003C\u002Fdiv>\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fhahwul\u002Fdalfox\u002Freleases\u002Flatest\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fv\u002Frelease\u002Fhahwul\u002Fdalfox?style=for-the-badge&logoColor=%2330365e&label=dalfox&labelColor=%2330365e&color=%2330365e\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fdalfox.hahwul.com\u002Fpage\u002Foverview\u002F\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fdocuments---.svg?style=for-the-badge&labelColor=%2330365e&color=%2330365e\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fx.com\u002Fintent\u002Ffollow?screen_name=hahwul\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Ftwitter\u002Ffollow\u002Fhahwul?style=for-the-badge&logo=x&labelColor=%2330365e&color=%2330365e\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fhahwul\u002Fdalfox\u002Fblob\u002Fmain\u002FCONTRIBUTING.md\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fcontributions-welcome-brightgreen.svg?style=for-the-badge&labelColor=%2330365e&color=%2330365e\">\u003C\u002Fa>\n\u003C\u002Fp>\n\n> **Looking for the Go (v2.x) version?** Dalfox v3 is a complete rewrite in Rust. The Go codebase is preserved on the [`v2` branch](https:\u002F\u002Fgithub.com\u002Fhahwul\u002Fdalfox\u002Ftree\u002Fv2) and continues to receive security backports. See [SECURITY.md](.\u002FSECURITY.md) for the support policy.\n\nDalfox is a powerful open-source tool that focuses on automation, making it ideal for quickly scanning for XSS flaws and analyzing parameters. Its advanced testing engine and niche features are designed to streamline the process of detecting and verifying vulnerabilities.\n\n## Key features\n\n* Modes: `URL`, `SXSS`, `Pipe`, `File`, `Server`, `Payload`\n* Discovery: Parameter analysis, static analysis, BAV testing, parameter mining\n* XSS Scanning: Reflected, Stored, DOM-based, with optimization and DOM\u002FAST verification\n* HTTP Options: Custom headers, cookies, methods, proxy, and more\n* Output: JSON\u002FJSONL\u002FPlain\u002FMarkdown\u002FSARIF formats, silence mode, detailed reports\n* Extensibility: REST API, custom payloads, remote wordlists\n\nAnd the various options required for the testing :D\n\n## Installation\n### Homebrew (macOS\u002FLinux)\n```bash\nbrew install dalfox\n\n# https:\u002F\u002Fformulae.brew.sh\u002Fformula\u002Fdalfox\n```\n\n### Snapcraft (Ubuntu)\n```bash\nsudo snap install dalfox\n```\n\n### Nixpkgs (NixOS)\n\nA package is available for Nix or NixOS users. Keep in mind that the latest releases might only\nbe present in the `unstable` channel.\n\n```bash\nnix-shell -p dalfox\n```\n\n### Nix Flakes\n\nFor Nix users with flakes enabled:\n\n```bash\n# Run directly\nnix run github:hahwul\u002Fdalfox -- scan https:\u002F\u002Fexample.com\n\n# Install\nnix profile install github:hahwul\u002Fdalfox\n\n# Development environment\nnix develop github:hahwul\u002Fdalfox\n```\n\nSee [Installation guide](https:\u002F\u002Fdalfox.hahwul.com\u002Fdocs\u002Finstallation\u002F) for details.\n\n## Usage\n```bash\ndalfox [mode] [target] [flags]\n```\n\n* Single URL: `dalfox url http:\u002F\u002Fexample.com -b https:\u002F\u002Fcallback`\n* File Mode: `dalfox file urls.txt --custom-payload mypayloads.txt`\n* Pipeline: `cat urls.txt | dalfox pipe -H \"AuthToken: xxx\"`\n\nCheck the [Usage](https:\u002F\u002Fdalfox.hahwul.com\u002Fpage\u002Fusage\u002F) and [Running](https:\u002F\u002Fdalfox.hahwul.com\u002Fpage\u002Frunning\u002F) documents for more examples.\n\n## Contributing\nif you want to contribute to this project, please see [CONTRIBUTING.md](https:\u002F\u002Fgithub.com\u002Fhahwul\u002Fdalfox\u002Fblob\u002Fmain\u002FCONTRIBUTING.md) and Pull-Request with cool your contents.\n\n[![](docs\u002Fstatic\u002Fimages\u002FCONTRIBUTORS.svg)](https:\u002F\u002Fgithub.com\u002Fhahwul\u002Fdalfox\u002Fgraphs\u002Fcontributors)\n\n## About the Name\nAs for the name, Dal([달](https:\u002F\u002Fen.wiktionary.org\u002Fwiki\u002F달)) is the Korean word for \"moon,\" while \"Fox\" stands for \"Finder Of XSS\" or 🦊\n\n![](docs\u002Fimages\u002Fillust.jpg)\n","Dalfox 是一个强大的开源XSS扫描工具，专注于自动化检测和分析。它采用Rust语言重写，具备多种模式（如URL、SXSS、Pipe等），支持参数分析、静态分析、BAV测试等功能，并能检测反射型、存储型及DOM型XSS漏洞。此外，Dalfox还提供了丰富的HTTP选项配置以及多种输出格式（JSON\u002FJSONL\u002FPlain\u002FMarkdown\u002FSARIF），并支持通过REST API扩展自定义payloads或远程字典。该工具非常适合安全研究人员、渗透测试人员在进行Web应用安全评估时使用，尤其是在CI\u002FCD流水线集成场景下能够发挥重要作用。",2,"2026-06-11 03:31:37","top_language"]