images | Loading last commit info... | |
userefuzz | ||
LICENSE | ||
README.md | ||
pypi.md | ||
setup.py |
README.md
User-Agent , X-Forwarded-For and Referer SQLI Fuzzer made with python
Works on linux
, Windows
and MacOS
based systems
Legal Disclaimer
Usage of userefuzz for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
Installation
- pip
pip install userefuzz
It will be installed by the name
userefuzz.py
- setup
git clone https://github.com/root-tanishq/userefuzz
cd userefuzz
python3 setup.py install
It will be installed by the name
userefuzz.py
Usage
Parsing a list of URLs
userefuzz -l <URL LIST>
Parsing a URL
userefuzz -u <URL>
Parsing stdin
<SOME COMMANDS> | userefuzz
Verbose Output
userefuzz <LIST / URL> -v
Multi Processing
userefuzz <LIST / URL> -w <WORKER COUNT>
1 Worker Took 23 secs
10 Worker Took 20 secs
Proxy Interception of Vulnerable Requests
userefuzz <LIST / URL> -p <YOUR PROXY>
Custom Message in request
userefuzz <LIST / URL> -m <MESSAGE>
Custom Payload with custom sleep
userefuzz <LIST / URL> -i <CUSTOM SQLI PAYLOAD> -s <SLEEP COUNT IN THE PAYLOAD>
Custom Header Injection
userefuzz <LIST / URL> -ch <CUSTOM HEADER NAME>
Output
userefuzz <LIST / URL> -o <OUTPUT FILE NAME WITHOUT EXT>
Output File
Telegram Notifications of Vulnerable Requests with Telify
The Tool uses Telify configuration file for sending notification .So inorder to use this feature you need to setup telify
userefuzz <LIST / URL> -t