{"id":13840481,"url":"https://github.com/RedTeamPentesting/monsoon","last_synced_at":"2025-07-11T07:34:10.129Z","repository":{"id":41101302,"uuid":"109748414","full_name":"RedTeamPentesting/monsoon","owner":"RedTeamPentesting","description":"Fast HTTP enumerator","archived":false,"fork":false,"pushed_at":"2024-08-02T15:46:37.000Z","size":5489,"stargazers_count":453,"open_issues_count":3,"forks_count":40,"subscribers_count":20,"default_branch":"main","last_synced_at":"2024-08-05T17:25:07.913Z","etag":null,"topics":["enumerator","fast","fuzz","fuzzer","go","http","security"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/RedTeamPentesting.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-11-06T20:52:05.000Z","updated_at":"2024-07-25T02:19:19.000Z","dependencies_parsed_at":"2022-07-16T05:30:48.438Z","dependency_job_id":"603c861d-e05b-4323-9fe4-153a2eccb4ed","html_url":"https://github.com/RedTeamPentesting/monsoon","commit_stats":null,"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RedTeamPentesting%2Fmonsoon","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RedTeamPentesting%2Fmonsoon/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RedTeamPentesting%2Fmonsoon/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RedTeamPentesting%2Fmonsoon/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RedTeamPentesting","download_url":"https://codeload.github.com/RedTeamPentesting/monsoon/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225705477,"owners_count":17511308,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["enumerator","fast","fuzz","fuzzer","go","http","security"],"created_at":"2024-08-04T17:00:49.291Z","updated_at":"2024-11-21T09:31:39.305Z","avatar_url":"https://github.com/RedTeamPentesting.png","language":"Go","readme":"\u003cp align=\"center\"\u003e\n  \u003ch1 align=\"center\"\u003e\u003cb\u003emonsoon\u003c/b\u003e\u003c/h1\u003e\n  \u003cp align=\"center\"\u003e\u003ci\u003eA fast HTTP enumerator that allows you to execute a large number of HTTP requests, filter the responses and display them in real-time\u003c/i\u003e\u003c/p\u003e\n  \u003cp align=\"center\"\u003e\n    \u003ca href=\"https://github.com/RedTeamPentesting/monsoon/releases/latest\"\u003e\u003cimg alt=\"Release\" src=\"https://img.shields.io/github/release/RedTeamPentesting/monsoon.svg?style=for-the-badge\"\u003e\u003c/a\u003e\n    \u003ca href=\"https://github.com/RedTeamPentesting/monsoon/actions?workflow=Build+and+tests\"\u003e\u003cimg alt=\"GitHub Action: Check\" src=\"https://img.shields.io/github/actions/workflow/status/RedTeamPentesting/monsoon/tests.yml?branch=main\u0026style=for-the-badge\"\u003e\u003c/a\u003e\n    \u003ca href=\"/LICENSE\"\u003e\u003cimg alt=\"Software License\" src=\"https://img.shields.io/badge/license-MIT-brightgreen.svg?style=for-the-badge\"\u003e\u003c/a\u003e\n    \u003ca href=\"https://goreportcard.com/report/github.com/RedTeamPentesting/monsoon\"\u003e\u003cimg alt=\"Go Report Card\" src=\"https://goreportcard.com/badge/github.com/RedTeamPentesting/monsoon?style=for-the-badge\"\u003e\u003c/a\u003e\n  \u003c/p\u003e\n\u003c/p\u003e\n\n`monsoon` is a fast and flexible HTTP fuzzer that can be used for a wide variety\nof actions ranging from content discovery to credential bruteforcing. You can\nread about the various use cases in our blog posts [\"Introducing monsoon - a\nlean and versatile HTTP\nenumerator\"](https://blog.redteam-pentesting.de/2020/introducing-monsoon/) and\n[\"Bringing Monsoon to the Next\nLevel\"](https://blog.redteam-pentesting.de/2023/monsoon-next-level/).\n\nIn the following example, an HTTP GET request is sent for each entry in\n`filenames.txt`, ignoring all responses with the status code `404`:\n\n\n![basic demo](demos/demo1.gif)\n\n## Installation\n\nAs `monsoon` is a single statically linked binary, you can simply download a\npre-build binary for your operating system from the\n[releases page](https://github.com/RedTeamPentesting/monsoon/releases).\n\n### Building from source\n\nThese instructions will get you a compiled version of the code in the main\nbranch. First, you'll need a recent version of the\n[Go compiler](https://golang.org/dl), at least version 1.18. If your compiler is\nset up, clone the `monsoon` repository and run the following command from within\nthe checkout:\n\n```\n$ go build\n```\n\nAfterwards you'll find a `monsoon` binary in the current directory. It can be\nfor other operating systems such as Windows as follows:\n\n```\n$ GOOS=windows GOARCH=amd64 go build -o monsoon.exe\n```\n\n### Unofficial Packages\n\n**Please note that unofficial packages are not maintained by RedTeam Pentesting**\n\nFor Arch Linux based distributions `monsoon` is available as an unofficial\npackage on the [AUR](https://aur.archlinux.org/packages/monsoon). Using your\nAUR helper of choice such as [yay](https://github.com/Jguer/yay):\n\n```bash\nyay -S monsoon\n```\n\n## Documentation\n\nThe program has several subcommands, the most important one is `fuzz` which\ncontains the main functionality. You can display a list of commands as follows:\n\n```\n$ ./monsoon -h\nUsage:\n  monsoon command [options]\n\nAvailable Commands:\n  completion  Generate the autocompletion script for the specified shell\n  fuzz        Execute and filter HTTP requests\n  help        Help about any command\n  list        List and filter previous runs of 'fuzz'\n  show        Construct and display an HTTP request\n  test        Execute and filter HTTP requests\n  version     Print the current version\n\nOptions:\n  -h, --help   help for monsoon\n\nUse \"monsoon [command] --help\" for more information about a command.\n```\n\nFor each command, calling it with `--help` (e.g. `monsoon fuzz --help`) will\ndisplay a description of all the options, and calling `monsoon help fuzz`\nalso shows an extensive list of examples.\n\n## Wordlists\n\nThe [SecLists Project](https://github.com/danielmiessler/SecLists) collects\nwordlists that can be used with `monsoon`.\n","funding_links":[],"categories":["Network","Go","Go (531)"],"sub_categories":["Scanning / Pentesting","Network Vulnerability Scanners"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FRedTeamPentesting%2Fmonsoon","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FRedTeamPentesting%2Fmonsoon","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FRedTeamPentesting%2Fmonsoon/lists"}