06-10-2025, 12:21 AM
Sharing a quick and effective one-liner to discover parameter-based vulnerabilities like XSS using archived URLs and fuzzing templates.
Single Subdomain One-Liner:
Multiple Subdomains (List from subs.txt):
You can also use anew in place of >> to avoid duplicate URLs in live-params.txt.
Requirements:
Optional Speed Boost:
Single Subdomain One-Liner:
Code:
echo sub.target.com | waybackurls \
| grep "=" \
| gf xss \
| uro \
| httpx -silent -mc 200 -title \
> live-params.txt && \
nuclei -l live-params.txt -t fuzzing-templates/ -severity low,medium,high -o findings.txtMultiple Subdomains (List from subs.txt):
Code:
cat subs.txt | while read sub; do
echo "[*] Processing $sub"
echo $sub | waybackurls \
| grep "=" \
| gf xss \
| uro \
| httpx -silent -mc 200,302,403 -title \
>> live-params.txt
done
nuclei -l live-params.txt -t fuzzing-templates/ -severity low,medium,high -o findings.txtYou can also use anew in place of >> to avoid duplicate URLs in live-params.txt.
Requirements:
- You are not allowed to view links. Register or Login to view.
- You are not allowed to view links. Register or Login to view.
- You are not allowed to view links. Register or Login to view.
- You are not allowed to view links. Register or Login to view.
- You are not allowed to view links. Register or Login to view. with fuzzing-templates
Optional Speed Boost:
Code:
cat subs.txt | xargs -P 10 -I{} bash -c \
'echo {} | waybackurls | grep "=" | gf xss | uro | httpx -silent -mc 200,302,403 -title' >> live-params.txt