A Question #190
Replies: 2 comments
-
@SAGEof6iixPATHS Dalfox basically performs parameter mining together, but through a custom word list, mining can be performed based on wider data.
|
Beta Was this translation helpful? Give feedback.
-
@SAGEof6iixPATHS
However, since this process is difficult to run on command-line every time, it is sometimes defined and used to run manual in "burp or zap's run applications". Small tip, The company I work for makes it an burp extension and uses it! |
Beta Was this translation helpful? Give feedback.
-
What is the best method to use dalfox??
I've been using gau, waybackurls, paramspider to find urls and sometime used gf tool too...
But recently i came across a Tool named Quickxss, it filters urls completely...(You should try that, maybe you get a new idea from that)
Lets get back to the question...
What method do you suggest that will have more chances of finding bugs...
I run this tool and work on other bugs while this is going on, but never found anything (yet):/
And have you considered trying out sqli?? Like dalfox is more focused on xss
Beta Was this translation helpful? Give feedback.
All reactions