UseReFuzz
User-Agent , X-Forwarded-For and Referer SQLI Fuzzer made with python
Works on linux
, Windows
and MacOS
based systems
Legal Disclaimer
Usage of userefuzz for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this programInstallation
- pip
sudo pip3 install userefuzz
- setup
git clone https://github.com/root_tanishq/userefuzz
cd userefuzz
python3 setup.py install
- kunto
kunto install userefuzz
Usage
- Parsing A List of URLS
userefuzz -l <URL LIST>
- Setup proxy for vulnerable requests
userefuzz -l <URL LIST> -p 'http://127.1:8080'
- Custom Message
Custom messages can be send with header for ease of sorting requerts in burpsuite
userefuzz -l <URL LIST> -p 'http://127.1:8080' -m '<Custom Message Here>'
- Custom Payload Injection
userefuzz -l <URL LIST> -i '<CUSTOM SQLI PAYLOAD>' -s <SLEEP ACCORDING TO PAYLOAD>