Guide

The guide covers the concepts that make Dalfox effective — how parameters are discovered, which payloads run where, how Stored XSS detection works, and how to handle WAFs.

Each page is self-contained. Read them in order the first time, then come back as reference.

Topics

• Scanning Modes — Single URL, file batch, pipe, stored-XSS, server, and MCP.
• Parameters & Discovery — How Dalfox finds inputs, prunes false-positives, and mines wordlists.
• Payloads & Encoding — Built-in payload families, encoders, and custom wordlists.
• WAF Bypass — Fingerprinting WAFs and applying evasive mutations.
• Stored XSS — Inject on one URL, verify on another.
• Output & Reports — Plain, JSON, JSONL, Markdown, SARIF, TOML.

In This Section

• Output & Reports
• Parameters & Discovery
• Payloads & Encoding
• Scanning Modes
• Stored XSS
• WAF Bypass