| 🔍 Loxs | 🛡️ Multi Vulnerability Scanner | 🌐 for Web Applications |
|---|---|---|
L |
= | Local File Inclusion (LFI) |
O |
= | Open Redirection (OR) |
X |
= | Cross-Site Scripting (XSS) |
S |
= | SQL Injection (SQLi) |
| Carriage Return Line Feed Injection (CRLF) |
Loxs is a powerful and user-friendly tool for identifying common web vulnerabilities such as
LFI,OR,SQLi,XSS, andCRLF.
👨💻 Created by:AnonKryptiQuz×Coffinxp×HexShad0w×Naho×1hehaq×Hghost010×adperem
| Feature | Description |
|---|---|
🗂️ LFI Scanner |
Detects Local File Inclusion vulnerabilities. |
🔀 OR Scanner |
Identifies Open Redirect vulnerabilities. |
💉 SQLi Scanner |
Detects SQL Injection vulnerabilities. |
🧬 XSS Scanner |
Identifies Cross-Site Scripting vulnerabilities. |
🧾 CRLF Scanner |
Detects Carriage Return Line Feed Injection vulnerabilities. |
⚡ Multi-threaded Scanning |
Boosts performance with concurrent requests. |
🧰 Customizable Payloads |
Easily adapt payloads for different environments or specific needs. |
🧠 Success Criteria |
Configure patterns that determine successful exploitation. |
💻 User-friendly CLI |
Clean, intuitive command-line interface. |
💾 Save Vulnerable URLs |
Option to store results for future reference. |
📊 HTML Report Generation |
Automatically creates a detailed report in HTML format. |
| Language | Packages |
|---|---|
| 🐍 Python 3 | webdriver_manager, selenium, aiohttp, beautifulsoup4, colorama, rich, requests, gitpython, prompt_toolkit, pyyaml, flask |
git clone https://github.com/coffinxp/loxs.git
cd loxspip3 install -r requirements.txtpython3 loxs.pywget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
sudo dpkg -i google-chrome-stable_current_amd64.deb
sudo apt -f installwget https://storage.googleapis.com/chrome-for-testing-public/128.0.6613.119/linux64/chromedriver-linux64.zip
unzip chromedriver-linux64.zip
cd chromedriver-linux64
sudo mv chromedriver /usr/binTor can help anonymize your scanning activities.
sudo apt update && sudo apt upgrade -ysudo apt install tor -ysudo systemctl enable tor
sudo systemctl start torcurl --socks5 127.0.0.1:9050 https://check.torproject.org/You should see a message like: "🎉 Congratulations. This browser is configured to use Tor."
sudo nano /etc/tor/torrcThen restart:
sudo systemctl restart tor| Option | Description |
|---|---|
| 🔗 Input URL/File | Provide a single URL or a file containing multiple targets. |
| 🧨 Payload File | Use or create custom payloads for specific scanning needs. |
| ✅ Success Criteria | Define success indicators for different exploit types. |
| 🚀 Concurrent Threads | Configure the number of parallel requests. |
| 📋 Real-time and Saved Results | Display ongoing findings and save final results to file. |
| Customization Feature | Description |
|---|---|
| ✏️ Payload Configuration | Customize or add new payloads for various scan types. |
| 🎯 Success Pattern Tuning | Modify success conditions based on the application under test. |
| ⚙️ Thread Optimization | Improve performance by setting appropriate concurrency levels. |
⚠️ Disclaimer: This tool is intended solely for educational and authorized security testing. Unauthorized usage on systems you do not own or have explicit permission to test is strictly prohibited.