CRLFsuite - CRLF injection scanner
CRLFsuite is a powerful tool for CRLF injection detection and exploitation. Want to know how it works. Here's how
Installation
You can install CRLFsuite using pip as given below:
pip3 install crlfsuite
or download this repository and run the following command:
sudo python3 setup.py install
Features
-
Single URL scanning
-
Multiple URL scanning
-
Stdin supported
-
WAF detection
-
Powerful payload generator
-
CRLF Injection to XSS Chaining feature
-
GET & POST method supported
-
Concurrency
-
Fast and efficient scanning with negligible false-positive
Newly added in v2.5.1:
-
Json & Text ouput supported
-
Multiple headers supported
-
Verbose output supported
-
Scan can be resumed after CTRL^C is pressed
-
Added heuristic (basic) scanner
-
Compatibility with windows