itsMe Posted December 29, 2023 Share Posted December 29, 2023 This is the hidden content, please Sign In or Sign Up Xray Pro by Chaitin Tech is a fast command line web security scanner. Xray is a fast command line web security scanner. This is a command line tool. Documentation is here: This is the hidden content, please Sign In or Sign Up THIS IS NOT A GUI CLICK CLICK TOOL - It is meant for fast and dirty command line power-user scanning and for you to script along with things like nuclei and other similar toolcraft. INSTRUCTIONS 1. run open_cmd.bat to open a cmd shell (or as you prefer use cmd or powershell) 2. from the command line, run scans like this example: xray.exe ws --browser This is the hidden content, please Sign In or Sign Up --json-output result.json --html-output report.html NOTES For best results you need to actually set up the configuration file and choose which security tests you want to use, also set it up on a vps and note the IP address in the config file so xray can check all those things which need to connect back out from the site (log4j, blind xxe, struts, fastjson, etc) You should also always set an output option. Unfortunately there is no text except console output (depite that documentation on website claims there is, there is still no such option in the software) - the options are json or html and the html requires javascript. 😕 There is also webhook if you are into that. I removed the need to have a license file at all, however it doesn't hurt anything so just in case there is some obscure thing I missed, I left it in. This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts