Hunt every XSS
before it hunts you.

Reflected, Stored, and DOM-based flaws, discovered and verified with AST-level precision across every parameter.

6 Scan Modes
AST DOM Verification
MCP AI Ready
OSS MIT Licensed

One command, a verified finding

Point Dalfox at a target and it discovers parameters, probes contexts, injects, and confirms the hit at the DOM level before it ever reaches your report.

dalfox · scan
$dalfox scan https://xss-game.appspot.com/level1/frame
6:42PM INF start scan to https://xss-game.appspot.com/level1/frame
6:42PM INF found reflected 1 params
└── query valid_specials="/\'{`<>"();=|}[.:]+,$-" invalid_specials=""
6:42PM WRN XSS found 1 XSS
[POC][V][GET][inHTML] ...?query=%3Csvg%2Fonload%3Dalert%281%29%3E
├── Issue: XSS payload DOM object identified
├── Payload: <svg/onload=alert(1)>
└── L13: matches for <svg/onload=alert(1)>
6:42PM INF scan completed in 3.482 seconds
  • Homebrew
  • Snap
  • Arch (AUR)
  • Nix
  • Cargo
$ brew install dalfox

// Capabilities

One scanner, the whole XSS workflow

Run it against one URL or a full pipeline: CLI, file batch, pipe, server, or MCP. The same engine sits underneath each one, and every finding comes back parsed, DOM-verified, and reported in a format you can act on.

Deep XSS discovery

Reflected, Stored, and DOM-based XSS with payload optimization. AST-backed DOM verification means no more false positives from blind reflections.

reflected stored dom ast-verify

Parameter intelligence

Mining, static analysis, BAV testing, and context-aware charset probing give every parameter a full attack profile.

WAF aware

Fingerprints popular WAFs and mutates payloads with encoding, casing, and polyglot tactics to slip through.

Built for pipelines

Pipe, file-batch, and server modes fit into CI/CD. Chain Dalfox behind your proxy, crawler, or recon stack.

REST API & MCP

Run Dalfox as a long-lived server with REST control, or expose it as an MCP tool to agents and IDEs.

Reports you can ship

Export to the format your workflow speaks, from terse CLI output to SARIF for GitHub code scanning.

JSON JSONL Markdown SARIF TOML Plain Silence

// Modes

Six ways to run Dalfox

Pick the shape that fits your target. Every mode shares the same discovery and verification engine.

$dalfox scan https://target.app

Point Dalfox at a single URL. It mines parameters, probes each context, and verifies every hit at the DOM level.

$dalfox scan urls.txt

Sweep a whole list of targets from a file, one URL per line, with the same engine and one report.

$cat urls.txt | dalfox scan

Read targets from stdin so Dalfox drops straight into your crawler or recon pipeline.

$dalfox scan https://app/post --sxss-url https://app/feed

Inject on one endpoint, then confirm the payload fires on another. Stored XSS, verified end to end.

$dalfox server

Run Dalfox as a long-lived REST API for async scan jobs, integrations, and dashboards.

$dalfox mcp

Expose Dalfox as an MCP tool so agents and IDEs can scan on your behalf.

From install to verified finding in three steps

Dalfox drops into whatever you already run. No setup ritual, no orchestration layer to stand up first.

Install

Grab Dalfox through Homebrew, Snap, Nix, cargo, or a prebuilt binary. One command, no runtime to manage.

brew install dalfox

Point at a target

Give it a URL, a file, or pipe in a crawl. Dalfox mines parameters, probes contexts, and adapts.

dalfox scan https://target.app

Ship the findings

Export to SARIF, JSON, or Markdown, or proxy results to your pipeline. Findings come verified, not guessed.

dalfox scan urls.txt -o report.sarif

Built in the open, by hunters everywhere

Dalfox is shaped by the people who run it. Open an issue, send a pull request, or trade payloads with the community. Every contribution makes the next scan sharper.

Thanks to our contributors

Ready to hunt?

Read the docs, star the repo, or drop Dalfox into your next recon loop.

ESC