Download address:Github: https://github.com/chaitin/xray/releases
The tutorial:https://www.ichunqiu.com/course/66236
The instructions:https://xray.cool/xray/#/tutorial/webscan_proxy
./xray_linux_amd64 version
The help file
./xray_linux_amd64 -h
./xray_linux_amd64 webscan -h
./xray_linux_amd64 webscan --basic-crawler http://36.103.243.217:81/common/newQuestion/action/index.php?
The vulnerability is shown in red
Validation of Query type XSS
Enter the payload into the parameter of the url, the exception indicates the existence of XSS (not necessarily popover)
Google browser plug-in SwitchyOmega download address:https://github.com/FelisCatus/SwitchyOmega/releases
Open the chrome extension, load the unzipped extension, and select SwitchyOmega_Chromium
2.Generate the root certificate and add the certificate (in the case of Linux systems)
./xray_linux_amd64 gencasudo cp ca.crt /usr/local/share/ca-certificates/xray.crt3.sudo update-ca-certificates
4. ./xray_linux_amd64 webscan --listen 127.0.0.1:1111 --html-output proxy.html
5.The report
the config.yaml file
Linkage burp
The first method, SRC mining
Xray in upstream
Bind to burp or proxy pools
The second method is the corporate business scenario
Burp does not automatically send requests upstream and is more secure
#extension
Webshell
Awvs range
2020-05-01