|README.md||Loading last commit info...|
This repository contains a versatile Bash script for assessing web application security. It offers two primary functionalities: XML-RPC vulnerability checking and directory fuzzing using the powerful "ffuf" tool.
- Quickly assess whether a given URL is vulnerable to XML-RPC exploits.
- Detects if the target's XML-RPC server accepts POST requests only.
- Provides clear and informative results for each operation.
- Utilizes the powerful "ffuf" tool to perform directory and page fuzzing.
- Discover hidden directories, files, and endpoints on web servers.
- Ideal for reconnaissance and identifying potential attack vectors.
- Supports customizable wordlists for directory fuzzing.
- A Linux-based operating system (tested on Ubuntu).
- The "curl" and "ffuf" tools installed on your system.
- Basic knowledge of web security and directory fuzzing.
Clone this repository to your local machine:
git clone https://github.com/MINAD0/XML-RPC-Check.git cd XML-RPC-Check chmod +x xmlrpc.sh ### Wordlists - [seclists] (https://github.com/danielmiessler/SecLists/tree/master)