Projects STRLCPY userefuzz Files
🤬
images Loading last commit info...
userefuzz
LICENSE
README.md
setup.py
README.md

UseReFuzz

User-Agent , X-Forwarded-For and Referer SQLI Fuzzer made with python
Works on linux, Windows and MacOS based systems

Twitter URL

Legality

Usage of userefuzz for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

Installation


  • pip
sudo pip3 install userefuzz
  • setup
git clone https://github.com/root_tanishq/userefuzz
cd userefuzz
python3 setup.py install
  • kunto
kunto install userefuzz

Usage


  • Parsing A List of URLS
userefuzz -l <URL LIST>

list

  • Setup proxy for vulnerable requests
userefuzz -l <URL LIST> -p 'http://127.1:8080'

proxy

burp_proxy

  • Custom Message

Custom messages can be send with header for ease of sorting requerts in burpsuite

userefuzz -l <URL LIST> -p 'http://127.1:8080' -m '<Custom Message Here>'

message

burp_message

  • Custom Payload Injection
userefuzz -l <URL LIST> -i '<CUSTOM SQLI PAYLOAD>' -s <SLEEP ACCORDING TO PAYLOAD>

inject

Please wait...
Page is in error, reload to recover