Afuzz: Automated program for fast fuzzing

Afuzz is an automated tool for web path fuzzing and is recommended for everyone involved in security and bug bounty. It's open program, written in python. What makes it unique is the fast results it shows as the fuzzing process is quite time-consuming and creates noise in the .

afuzz

Specifications

  • Afuzz automatically detects the development language used by the website and creates depending on the language.
  • It uses blacklist to filter invalid pages
  • It uses whitelists to find content that bug hunters are interested in them on the page
  • Filters the content on the page
  • It judges 404 error pages in multiple ways
  • Perform statistical analysis of the results after scanning to get the final result.
  • It supports HTTP2

Installation and Available Options

git clone https://github.com/rapiddns/Afuzz.git
cd Afuzz
python setup.py install

ή

pip install afuzz

Wordlists

  • Η λίστα λέξεων είναι ένα αρχείο κειμένου, όπου κάθε γραμμή είναι και μια διαδρομή
  • Σχετικά με τις επεκτάσεις, το Afuzz αντικαθιστά τη λέξη-κλειδί %EXT% με τις επεκτάσεις από το flag -e.Αν δεν υπάρχει το flag -e, χρησιμοποιείται η προ.
  • Δημιουργήστε ένα λεξικό με τα ονόματα των τομέων που ψάχνετε κάθε φορά. Το Afuzz αντικαθιστά το %subdomain% με το host, το %rootdomain% με το root domain, το %sub% με το subdomain και το %domain% με το domain και δημιουργείτε σύμφωνα με το %ext%

Examples

index.%EXT%
index
index.asp
index.aspx
%subdomain%.%ext%
%sub%.bak
%domain%.zip
%rootdomain%.zip

test-www.hackerone.com.php
test-www.zip
test.zip
www.zip
testwww.zip
hackerone.zip
hackerone.com.zip

Χρήση

 ##   ##### ##  # #### ####
 # ##   ##   ##  #   ##   ##
 ####   #### ##  #  ##   ##
 # ##   ##   ##  # ##   ##
## ### ####   ###  #### ####

usage: afuzz [options]

An Automated Web Path Fuzzing Tool.
By RapidDNS (https://rapiddns.io)

options:
  -h, --help            show this help message and exit
  -u URL, --url URL     Target URL
  -o OUTPUT, --output OUTPUT
                        Output file
  -e EXTENSIONS, --extensions EXTENSIONS
                        Extension list separated by commas (Example: php,aspx,jsp)
  -t THREAD, --thread THREAD
                        Number of threads
  -d DEPTH, --depth DEPTH
                        Maximum recursion depth


Παραδείγματα χρήσης

afuzz -u https://target
afuzz -e php,html,js,json -u https://target
afuzz -e php,html,js -u https://target -d 3
 Μπορείτε να κατεβάσετε το πρόγραμμα από εδώ.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).