{"id":30612695,"url":"https://github.com/picobaz/pyformblaster","last_synced_at":"2025-10-09T12:07:03.660Z","repository":{"id":311894945,"uuid":"1045436059","full_name":"PicoBaz/PyFormBlaster","owner":"PicoBaz","description":"PyFormBlaster: A sleek Python web form fuzzer for ethical security audits. Blast forms with random and malicious inputs to uncover XSS, SQL Injection, and more. Features auto-field detection, CSV logging, and modular config. Test responsibly!","archived":false,"fork":false,"pushed_at":"2025-08-27T09:00:54.000Z","size":4,"stargazers_count":5,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-08-27T18:08:50.410Z","etag":null,"topics":["cybersecurity","ethical-hacking","form-fuzzer","fuzzing","penetration-testing","python","security","web-security"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/PicoBaz.png","metadata":{"files":{"readme":"ReadMe.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-08-27T07:01:18.000Z","updated_at":"2025-08-27T11:19:02.000Z","dependencies_parsed_at":"2025-08-27T18:08:56.522Z","dependency_job_id":"1d83e0bc-ce5a-4f21-9564-26f641b2cab2","html_url":"https://github.com/PicoBaz/PyFormBlaster","commit_stats":null,"previous_names":["picobaz/pyformblaster"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/PicoBaz/PyFormBlaster","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PicoBaz%2FPyFormBlaster","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PicoBaz%2FPyFormBlaster/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PicoBaz%2FPyFormBlaster/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PicoBaz%2FPyFormBlaster/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/PicoBaz","download_url":"https://codeload.github.com/PicoBaz/PyFormBlaster/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PicoBaz%2FPyFormBlaster/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279001441,"owners_count":26083078,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-09T02:00:07.460Z","response_time":59,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","ethical-hacking","form-fuzzer","fuzzing","penetration-testing","python","security","web-security"],"created_at":"2025-08-30T05:35:21.860Z","updated_at":"2025-10-09T12:07:03.618Z","avatar_url":"https://github.com/PicoBaz.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# PyFormBlaster\n\nA powerful, modular web form fuzzing tool built for ethical security audits in Python. PyFormBlaster enables developers and security enthusiasts to test web forms with random and malicious inputs, uncovering potential vulnerabilities like XSS, SQL Injection, or unexpected behaviors.\n\n⚠️ **Ethical Use Only**: This tool is for testing your own systems or with explicit permission. Misuse can lead to legal consequences. Always prioritize security best practices.\n\n## Features\n- **Modular Config**: All settings (URL, form fields, fuzzing rules) in a single `config.json` file for quick tweaks.\n- **Auto Form Detection**: Automatically extracts form fields using BeautifulSoup.\n- **Smart Input Generation**: Combines random strings with malicious payloads for comprehensive testing.\n- **Error Resilience**: Automatic retries on transient errors, with configurable delays to avoid locks.\n- **CSV Reporting**: Detailed logs of attempts, including response codes and content length.\n- **Python Powered**: Lightweight, runs anywhere with Python 3.6+.\n\n## Installation\n1. Clone the repo:\n   ```\n   git clone https://github.com/PicoBaz/PyFormBlaster.git\n   cd PyFormBlaster\n   ```\n2. Install dependencies:\n   ```\n   pip install -r requirements.txt\n   ```\n3. Edit `config.json` to match your setup (e.g., form URL, fields).\n\n## Usage\nRun the script:\n```\npython form_fuzzer.py\n```\n- Output: Progress in console, results in `form_fuzzer_results.csv`.\n- Example config tweak: Increase `maxAttempts` for deeper tests, but monitor for rate limits.\n\n## Configuration\nEdit `config.json`:\n- `formUrl`: Target form submission endpoint.\n- `formFields`: Default form fields (used if `autoDetectFields` is false).\n- `payloadConfig`: Tune attempts, delays, retries, input length, and malicious payload usage.\n- `characters`: Char sets for random inputs.\n\n## Extending PyFormBlaster\n- Add custom malicious payloads in `form_fuzzer.py`.\n- Integrate with external payload lists (e.g., OWASP lists in TXT files).\n- For advanced setups, fork and add parallel processing via `concurrent.futures`.\n\n## Disclaimer\nPyFormBlaster is an educational tool. Use responsibly—test only what you own. The author assumes no liability for misuse.\n\n\n\nStar the repo if it helps your audits! 🌟 Contributions welcome.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpicobaz%2Fpyformblaster","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpicobaz%2Fpyformblaster","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpicobaz%2Fpyformblaster/lists"}