1.3.2 Finding XOR Key Through Brute-Force

In a single-byte XOR, the key is one byte long, so there are only 255 possible keys (0x0 - 0xff), excluding 0 as a key because XORing any value with 0 gives back the same value (that is, no encryption). Since there are only 255 keys, you can try every possible key on the encrypted data. This technique is useful when you know what to look for in the decrypted data. For example, suppose that upon execution a malware sample gets the computer hostname mymachine, concatenates it with some data, and performs single-byte XOR encryption, producing the ciphertext lkwpjeia>i}ieglmja. Let's assume that this ciphertext is exfiltrated in C2 communication. To determine the key used to produce the ciphertext, you can either analyze the encryption function or brute-force it. The following Python commands implement the brute-force technique: since we expect the decrypted string to contain "mymachine", the function decrypts the ciphertext with all possible keys and displays the key and the decrypted content whenever "mymachine" is found. In the following example, you can see that the key was determined to be 4, and the decrypted content, hostname:mymachine, includes the hostname mymachine:

>>> def xor_brute_force(content, to_match):
...     # try every single-byte key and decrypt the content with it
...     for key in range(256):
...         translated = ""
...         for ch in content:
...             translated += chr(ord(ch) ^ key)
...         # report the key whose output contains the expected plaintext
...         if to_match in translated:
...             print("Key %s(0x%x): %s" % (key, key, translated))
...
>>> xor_brute_force("lkwpjeia>i}ieglmja", "mymachine")
Key 4(0x4): hostname:mymachine

You can also use a tool such as ConverterNET to brute-force and determine the key. To do this, select Tools | Key Search/Convert. In the window that pops up, enter the encrypted content and the match string and press the Search button. If the key is found, it is displayed in the Result field as shown here:

The brute-force technique is also useful for determining the XOR key used to encrypt a PE file (such as an EXE or DLL): look for the match string "MZ" or "This program cannot be run in DOS mode" in the decrypted content.
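As an added example (not the book's code), the same brute force written over raw bytes so it covers both the C2 string above and an encrypted PE header, plus the known-plaintext shortcut that the PE case allows; the fake PE header and its key 0x5A are constructed for this example.

```python
# Added example (not from the book): single-byte XOR key recovery over
# raw bytes, covering both a C2 string and an encrypted PE header.

# Constructed samples: the ciphertext from the text above, and a fake
# PE header encrypted with the (constructed) key 0x5A.
C2_BLOB = b"lkwpjeia>i}ieglmja"
PE_MARKERS = (b"MZ", b"This program cannot be run in DOS mode")
FAKE_PE_HEADER = (b"MZ\x90\x00\x03\x00"
                  b"This program cannot be run in DOS mode.\r\n$")
ENCRYPTED_PE = bytes(b ^ 0x5A for b in FAKE_PE_HEADER)


def xor_single_byte(data, key):
    """XOR every byte of data with a one-byte key (encrypts and decrypts)."""
    return bytes(b ^ key for b in data)


def xor_brute_force(data, markers):
    """Try keys 0x01..0xff (0 is skipped: it leaves the data unchanged)
    and return [(key, plaintext)] for every key whose output contains
    at least one expected plaintext marker. Short markers such as b"MZ"
    can match by chance, so all hits are returned for the analyst to check."""
    hits = []
    for key in range(1, 256):
        plain = xor_single_byte(data, key)
        if any(marker in plain for marker in markers):
            hits.append((key, plain))
    return hits


def key_from_known_plaintext(data, known, offset=0):
    """Shortcut when the plaintext at a known offset is known (e.g. 'MZ'
    at offset 0 of a PE): the key is ciphertext ^ plaintext. Returns None
    when the bytes disagree, which rules out a single-byte XOR key."""
    keys = {data[offset + i] ^ p for i, p in enumerate(known)}
    return keys.pop() if len(keys) == 1 else None


if __name__ == "__main__":
    for key, plain in xor_brute_force(C2_BLOB, [b"mymachine"]):
        print("Key %d(0x%x): %s" % (key, key, plain.decode("latin-1")))
    for key, plain in xor_brute_force(ENCRYPTED_PE, PE_MARKERS):
        print("PE key %d(0x%x): %r" % (key, key, plain[:2]))
    print("Known-plaintext key:", key_from_known_plaintext(ENCRYPTED_PE, b"MZ"))
```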