Giters

iwakura1ain / Fuzzit-Web-Scanner

Simple web input/cookie/url fuzzer written in python.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

pythonscanner-webscannerinjection-frameworkinjection-attacksfuzzer

Fuzzit-Web-Scanner

Simple web input/cookie/url scanner written in python. Uses a json rule file to match injection cases against web app output.

Currently a work in progress.

Supported: Get, Post value injections, Cookie injection, and Page Discovery.

Usage

Fuzzit.py [RHOST] [WORDLIST] [RULE_FILE]

RHOST Format: www.url.com/script.php?injection_point=*
    - Mark injection points with a '*'.
    - Input values for non-injection points.
    - For status scans, mark a single '*' where WORDLIST will be appended.

-t, --type [get/post/cookie/status]
    - get: Send a get request with values from WORDLIST.
    - post: Send a post request with values from WORDLIST.
    - cookie: Send a get request with cookie values from WORDLIST.
    - status: Check if a url from WORDLIST exists.

-c, --cookie [COOKIE]
    - Specify cookie.
--cookie-file [FILE]
    - Specify cookie from file.

-o, --output [FILE]
    - Output to FILE

-v, -vv
    - v: Show NEGATIVE requests and headers.
    - vv: Show response page.

About

Simple web input/cookie/url fuzzer written in python.

pythonscanner-webscannerinjection-frameworkinjection-attacksfuzzer

Languages

Language:Python 100.0%