GitHub - M-Bowe/web-fuzzer: A customizable and exploratory fuzz-testing tool written in Ruby. Simulates the web browser to create HTTP requests, parse HTML, and mimic user actions. After crawling through the webapp, the fuzzer will discover pages and inputs, then test for vulnerabilities.

Installation

Ensure Ruby is installed and the gem Mechanize is added (gem install mechanize)
Pull the master branch of this repository
Launch Git Bash inside the repository, please read important note before executing commands.

Part 0: --custom-auth:

An example of properly using --custom-auth: ruby fuzzer.rb test http://127.0.0.1/dvwa/index.php --custom-auth=dvwa

Part 1: discover:

An example of properly using the discover command: ruby fuzzer.rb discover http://localhost/dvwa --custom-auth=dvwa --common-words=/words.txt

Part 2: test:

An example of properly using the test command: ruby fuzzer.rb test http://localhost/dvwa --custom-auth=dvwa --common-words=/words.txt --vectors=/vectors.txt --sensitive=my_sensitive_data_file.txt --random=true --slow=100

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
.gitattributes		.gitattributes
.gitignore		.gitignore
.gitlab-ci.yml		.gitlab-ci.yml
README.md		README.md
fuzzer.rb		fuzzer.rb
my_sensitive_data_file.txt		my_sensitive_data_file.txt
vectors.txt		vectors.txt
words.txt		words.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

About

Releases

Packages

Languages

M-Bowe/web-fuzzer

Folders and files

Latest commit

History

Repository files navigation

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages