How to install Dalfox on Kali Linux

How to Install Dalfox on Kali Linux

Last verified for accuracy: August 19th, 2025

Dalfox is a powerful parameter analysis and XSS scanning tool that’s essential for web application security testing and bug bounty hunting. This guide covers multiple installation methods for Kali Linux users, ensuring you can get Dalfox running regardless of your system configuration.

Dalfox excels at finding reflected, stored, and DOM-based XSS vulnerabilities through intelligent parameter fuzzing and payload injection. Its advanced filtering capabilities and customizable scanning options make it a favorite among security professionals.

Installation Methods

There are three primary ways to install Dalfox on Kali Linux. Choose the method that best fits your needs and system configuration.

Method 1: Install from Kali Repositories (Recommended)

The easiest method is installing directly from Kali’s official repositories. This ensures automatic updates and proper integration with your system.

Advantages: Automatic updates, proper system integration, no additional dependencies required.

Method 2: Install via Go (Latest Version)

If you want the absolute latest version or prefer building from source, use Go to install directly from the repository.

Prerequisites: Go must be installed on your system. Install it with:

Install Dalfox:

Advantages: Always gets the latest version, includes all recent features and bug fixes.

Adding Go’s bin directory to your PATH

After installing a Go tool with go install, you need to add Go’s bin directory to your PATH so you can run the binary from anywhere.

For Bash users:

echo 'export PATH=$PATH:$(go env GOPATH)/bin' >> ~/.bashrc
source ~/.bashrc

For Zsh users:

echo 'export PATH=$PATH:$(go env GOPATH)/bin' >> ~/.zshrc
source ~/.zshrc

For immediate use without restarting your terminal:

export PATH=$PATH:$(go env GOPATH)/bin

Verify the installation worked:

which dalfox
dalfox version

Method 3: Download Pre-compiled Binary

Download the pre-compiled binary directly from GitHub releases. This method works without Go dependencies.

Note: Check the releases page for the latest version number and update the download URL accordingly.

Advantages: No dependencies, works on systems without Go, direct control over binary placement.

Making Go-Installed Dalfox Available System-Wide

If you used Method 2 (Go install), the binary is installed to $HOME/go/bin and may not be immediately available in your PATH. Here’s how to make it accessible system-wide.

Option 1: Copy to System Path (Simple)

The quickest solution is copying the binary to a directory that’s already in your PATH:

Option 2: Add Go Bin to PATH Permanently

This method adds the Go bin directory to your PATH, making all Go-installed tools available. The command differs depending on your shell.

For Bash Users

For Zsh Users

Check your shell: If you’re unsure which shell you’re using, run:

Option 3: Create Symbolic Link

Create a symbolic link that points to the Go binary:

Advantages: The link automatically updates when you upgrade Dalfox via Go.

Verify Installation

Regardless of which installation method you used, verify that Dalfox is working correctly:

If the commands execute without errors, Dalfox is successfully installed and ready for use.

Basic Usage Examples

Once installed, here are some basic Dalfox commands to get you started:

Troubleshooting

Command Not Found

If you get a “command not found” error:

• Verify the binary is in your PATH with which dalfox
• Check if the binary exists: ls -la ~/go/bin/dalfox (for Go installs)
• Restart your terminal or run source ~/.bashrc or source ~/.zshrc

Permission Denied

If you get permission errors, ensure the binary is executable:

Keeping Dalfox Updated

• APT Installation: sudo apt update && sudo apt upgrade dalfox
• Go Installation: go install github.com/hahwul/dalfox/v2@latest
• Manual Binary: Download and replace the binary from GitHub releases

Regular updates ensure you have the latest security improvements and bug fixes for optimal XSS detection capabilities.

⭐ Ready for a reliable, high-performance VPS at an unbeatable price? We host our own Kali labs on Hostinger: 4 vCPU, NVMe storage, 16 GB RAM and 16 TB bandwidth, backed by 24/7 support and a 30-day money-back guarantee. You’ll save up to 20% when you lock in a 24-month plan. Grab a Hostinger VPS using this referral link and support our content.

🚀 Claim Your Hostinger VPS Now (from only US$ 7.99/mo)