CRLFuzz - A fast tool to scan CRLF vulnerability written in Go

(111 views)

Installation from Binary The installation is easy. You can download a prebuilt binary from the releases page, unpack and run! or with ▶ curl -sSfL https://git.io/get-crlfuzz | sh -s -- -b /usr/local/bin from Source If you have go1.13+ compiler installed and configured: ▶ GO111MODULE=on go get -v github.com/dwisiswant0/crlfuzz/cmd/crlfuzz In order to update the tool, you can use -u flag with go gets command. from GitHub ▶ git clone https://github.com/dwisiswant0/crlfuzz ▶ cd crlfuzz/cmd/crlfuzz ▶ go build . ▶ mv crlfuzz /usr/local/bin Usage Basic Usage Simply, CRLFuzz can be run with: ▶ crlfuzz -u "https://target" Flags ▶ crlfuzz -h This will display help for the tool. Here are all the switches it supports. Flag Description -u, --url Define single URL to fuzz -l, --list Fuzz URLs within file -X, --method Specify request method to use (default: GET) -o, --output File to save results -d, --data Define request data -H, --header Pass custom header to....

September 21, 2020

Author

Hakin9 TEAM
Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023

Download Free eBook

Step 1 of 4

Name(Required)

We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.