Yet another web fuzzer

Related tags

Security related resourcesyafuzz
Overview

yafuzz

Yet another web fuzzer

Usage

This script can run in two modes of operation.

Supplying a wordlist -W argument will initiate a multithreaded fuzzing session.

Lack of wordlist -W tag will run this script in interactive inline mode.

Use Burp Pro instead if you have one.

Key features:

  • Fuzzer will replace all [INJECT] tags with specified payload (supports url, data, headers, cookies)
  • Multiple HTTP methods will result in separate request for each
  • Request body will not be automatically encoded or formated based on content type
  • A wordlist can be supplied as input through -W or --wordlist argument
  • Strings of interest can be extracted through regex pattern through -E or --extract tag
  • Response details or status codes can be filtered by supplying CRC or code in -B or --ban arguments (supports multiple values)
  • Request headers can be set by through -H or --header tags (supports multiple values)
  • Associated cookies can be configured by supplying -C or --cookie argument (supports multiple values)
  • Request data can be set by through -D or --data tag (requires manual content-type header)
  • Fuzzing speed can be controlled by -S or --speed argument which defines amount of concurent threads
  • Request HTTP methods used in fuzzing can be sent by supplying -M or --method tags (supports multiple values)
  • Keyword used for payload replacement can be modified with -T or --TAG argument
  • Redirect handling can be controlled through -R or --redirect tag
  • HTTP request timeout can be set bu supplying -O or --timeout argument
  • Verbose output, including full response body can be enabled by -V or --verbose tag
  • Proxy for outgoing requests can be configured through -X or --proxy argument

Demo

demo

usage: yafuzz.py [-h] --url URL [--wordlist WORDLIST] [--extract EXTRACT]
                 [--ban BANNED] [--header HEADERS] [--cookie COOKIES]
                 [--data DATA] [--speed SPEED] [--method METHOD] [--tag TAG]
                 [--redirect] [--timeout TIMEOUT] [--verbose] [--proxy PROXY]

Yet another HTTP fuzzer

optional arguments:
  -h, --help            show this help message and exit
  --url URL, -U URL     Target HTTP URL address
  --wordlist WORDLIST, -W WORDLIST
                        Wordlist file path
  --extract EXTRACT, -E EXTRACT
                        RegEx pattern to extract from response
  --ban BANNED, -B BANNED
                        Ban specific crc32 hash or response code from output
  --header HEADERS, -H HEADERS
                        HTTP Headers i.e. "TEST: true"
  --cookie COOKIES, -C COOKIES
                        HTTP Cookies i.e. "TEST=true"
  --data DATA, -D DATA  HTTP request body
  --speed SPEED, -S SPEED
                        Number of threads
  --method METHOD, -M METHOD
                        HTTP method to use
  --tag TAG, -T TAG     Tag to search for and replace
  --redirect, -R        Accept HTTP redirects
  --timeout TIMEOUT, -O TIMEOUT
                        Timeout of the HTTP request
  --verbose, -V         Enable verbose output
  --proxy PROXY, -X PROXY
                        Enable HTTP proxy
Owner
FooBallZ
Marek Cybul
FooBallZ
GitHub Repository
A CTF2.5/MMF2 Decompiler

CondaDEV A CTF2.5/MMF2 Decompiler What is CondaDEV? CondaDEV (anaCondaDEVeloper) is a fork of Anaconda Mode 4.1, with a lot of Quality of Life patches

ClickNinYT 4 Mar 07, 2022
A Simple File Encryptor/Decryptor

Ec: A Simple File Encryptor/Decryptor This has been made for educational reasons only, any constructive criticism/advice/comments are welcome! Also, p

1 Dec 10, 2021
Exploit grafana Pre-Auth LFI

Grafana-LFI-8.x Exploit grafana Pre-Auth LFI How to use python3

2 Jul 25, 2022
Scanning for CVE-2021-44228

Filesystem log4j_scanner for windows and Unix. Scanning for CVE-2021-44228, CVE-2021-45046, CVE-2019-17571 Requires a minimum of Python 2.7. Can be ex

Brett England 4 Jan 09, 2022
Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found

dora Features Blazing fast as we are using ripgrep in backend Exploit/PoC steps for many of the API key, allowing to write a good report for bug bount

Siddharth Dushantha 243 Dec 27, 2022
This Repository is an up-to-date version of Harvard nlp's Legacy code and a Refactoring of the jupyter notebook version as a shell script version.

This Repository is an up-to-date version of Harvard nlp's Legacy code and a Refactoring of the jupyter notebook version as a shell script version.

신재욱 17 Sep 25, 2022
QHack-2022 - Solutions to the Coding Challenges of QHack 2022

QHack 2022 Problems from Coding Challenges 2022. Rules and how it works To test

Isacco Gobbi 1 Feb 14, 2022
A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence of a file

A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence o

2 Nov 09, 2022
Docker Compose based system for running remote browsers (including Flash and Java support) connected to web archives

pywb Remote Browsers This repository provides a simple configuration for deploying any pywb with remote browsers provided by OWT/Shepherd Remote Brows

Webrecorder 10 Jul 28, 2022
Log4j-Scanner with Bind-Receipt and custom hostnames

Hrafna - Log4j-Scanner for the masses Features Scanning-system designed to check your own infra for vulnerable log4j-installations start and stop scan

18 Jan 23, 2022
log4j2 passive burp rce scanning tool get post cookie full parameter recognition

log4j2_burp_scan 自用脚本log4j2 被动 burp rce扫描工具 get post cookie 全参数识别,在ceye.io api速率限制下,最大线程扫描每一个参数,记录过滤已检测地址,重复地址 token替换为你自己的http://ceye.io/ token 和域名地址

5 Dec 10, 2021
A bare-bones POC container runner in python

pybox A proof-of-concept bare-bones container written in 50 lines of python code. Provides namespace isolation and resource limit control Usage Insta

Anirudh Haritas Murali 5 Jun 03, 2021
Trustme: #1 quality TLS certs while you wait

trustme: #1 quality TLS certs while you wait You wrote a cool network client or server. It encrypts connections using TLS. Your test suite needs to ma

479 Dec 27, 2022
A small POC plugin for launching dumpulator emulation within IDA, passing it addresses from your IDA view using the context menu.

Dumpulator-IDA Currently proof-of-concept This project is a small POC plugin for launching dumpulator emulation within IDA, passing it addresses from

Michael 9 Sep 21, 2022
this keylogger is only for pc not for android but it will only work on those pc who have python installed it is made for all linux,windows and macos

Keylogger this keylogger is only for pc not for android but it will only work on those pc who have python installed it is made for all linux,windows a

Titan_Exodous 1 Nov 04, 2021
Now patched 0day for force reseting an accounts password

Animal Jam 0day No-Auth Force Password Reset via API Now patched 0day for force reseting an accounts password Used until patched to cause anarchy. Pro

IRIS 10 Nov 17, 2022
Hack any account sending fake nitro QR code (only for educational purpose)

DISCORD_ACCOUNT_HACKING_TOOL ( EDUCATIONAL PURPOSE ) Hack any account sending fake nitro QR code (only for educational purpose) Start my program token

Novy 7 Jan 07, 2022
CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE

CVE-2022-1388 CVE-2022-1388 F5 BIG-IP iControl REST Auth Bypass RCE. POST /mgmt/tm/util/bash HTTP/1.1 Host: Accept-Encoding: gzip, deflate Accept: */

M4rtin Hsu 81 Dec 12, 2022
Proof of Concept Exploit for ManageEngine ServiceDesk Plus CVE-2021-44077

CVE-2021-44077 Proof of Concept Exploit for CVE-2021-44077: PreAuth RCE in ManageEngine ServiceDesk Plus 11306 Based on: https://xz.aliyun.com/t/106

Horizon 3 AI Inc 25 Nov 09, 2022
#whois it? Let's find out!

whois_bot #whois it? Let's find out! Currently in development: a gatekeeper bot for a community (https://t.me/IT_antalya) of 250+ expat IT pros of Ant

Kirill Nikolaev 14 Jun 24, 2022