Projects STRLCPY userefuzz Files
🤬
images Loading last commit info...
userefuzz
LICENSE
README.md
pypi.md
setup.py
README.md

PYPI MIT Version Twitter URL
Youtube Github Expy

User-Agent , X-Forwarded-For and Referer SQLI Fuzzer made with python
Works on linux, Windows and MacOS based systems

Legal Disclaimer

Usage of userefuzz for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

Installation


  • pip
pip install userefuzz

It will be installed by the name userefuzz.py

  • setup
git clone https://github.com/root-tanishq/userefuzz
cd userefuzz
python3 setup.py install

It will be installed by the name userefuzz.py

Usage


Parsing a list of URLs


userefuzz -l <URL LIST>

list

Parsing a URL


userefuzz -u <URL>

url

Parsing stdin


<SOME COMMANDS> | userefuzz

stdin

Verbose Output


userefuzz <LIST / URL> -v

vb

Multi Processing


userefuzz <LIST / URL> -w <WORKER COUNT>

1 Worker Took 23 secs

w1

10 Worker Took 20 secs

w1

Proxy Interception of Vulnerable Requests


userefuzz <LIST / URL> -p <YOUR PROXY>

proxy

Custom Message in request


userefuzz <LIST / URL> -m <MESSAGE>

msg

Custom Payload with custom sleep


userefuzz <LIST / URL> -i <CUSTOM SQLI PAYLOAD> -s <SLEEP COUNT IN THE PAYLOAD>

inject

Custom Header Injection


userefuzz <LIST / URL> -ch <CUSTOM HEADER NAME>

ch

Output


userefuzz <LIST / URL> -o <OUTPUT FILE NAME WITHOUT EXT>

o1

Output File

o1

Telegram Notifications of Vulnerable Requests with Telify


The Tool uses Telify configuration file for sending notification .So inorder to use this feature you need to setup telify

userefuzz <LIST / URL> -t

t

Please wait...
Page is in error, reload to recover