{"id":19866211,"url":"https://github.com/root-tanishq/userefuzz","last_synced_at":"2025-04-04T18:08:31.244Z","repository":{"id":59695445,"uuid":"538472655","full_name":"root-tanishq/userefuzz","owner":"root-tanishq","description":"User-Agent , X-Forwarded-For and Referer SQLI Fuzzer","archived":false,"fork":false,"pushed_at":"2023-05-19T17:30:31.000Z","size":3322,"stargazers_count":381,"open_issues_count":0,"forks_count":63,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-28T17:08:58.015Z","etag":null,"topics":["hacking","hacking-tool","penetration-testing","pentest-tool","python"],"latest_commit_sha":null,"homepage":"https://pypi.org/project/userefuzz/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/root-tanishq.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-09-19T11:39:17.000Z","updated_at":"2025-02-28T21:50:25.000Z","dependencies_parsed_at":"2024-11-12T15:32:18.261Z","dependency_job_id":null,"html_url":"https://github.com/root-tanishq/userefuzz","commit_stats":{"total_commits":20,"total_committers":2,"mean_commits":10.0,"dds":0.35,"last_synced_commit":"13bbc4e5464c01583444e64ae01ec632845b5857"},"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/root-tanishq%2Fuserefuzz","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/root-tanishq%2Fuserefuzz/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/root-tanishq%2Fuserefuzz/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/root-tanishq%2Fuserefuzz/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/root-tanishq","download_url":"https://codeload.github.com/root-tanishq/userefuzz/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247226215,"owners_count":20904465,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacking","hacking-tool","penetration-testing","pentest-tool","python"],"created_at":"2024-11-12T15:25:15.328Z","updated_at":"2025-04-04T18:08:31.229Z","avatar_url":"https://github.com/root-tanishq.png","language":"Python","readme":"\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/root-tanishq/userefuzz/main/images/ufz_banner_may_23.png\"\u003e\n\u003c/p\u003e\n\u003ch1 align=\"center\"\u003e\n\n[![PYPI](https://img.shields.io/badge/PYPI-UseReFuzz-orange)](https://pypi.org/project/userefuzz/) \n[![MIT](https://img.shields.io/github/license/root-tanishq/userefuzz)](https://github.com/root-tanishq/userefuzz/blob/main/LICENSE) \n[![Version](https://img.shields.io/badge/Latest--Version-2.2.0-brightgreen)](#)\n[![Twitter URL](https://img.shields.io/twitter/url/https/twitter.com/root_tanishq.svg?style=social\u0026label=Follow%20%40root_tanishq)](https://twitter.com/root_tanishq) \u003cbr /\u003e\n[![Youtube](https://img.shields.io/youtube/channel/subscribers/UC0HLRnmOx3x_hsAGAdG9VaQ?style=social)](https://www.youtube.com/@boyfromfuture69)\n[![Github](https://img.shields.io/github/stars/root-tanishq/userefuzz?style=social)](https://github.com/root-tanishq/userefuzz/stargazers)\n[![Expy](https://img.shields.io/badge/Author-Tanishq%20Rathore-blue)](https://expy.bio/tanishq)\n\u003c/h1\u003e\n\n\u003ch3 align=\"center\"\u003e\n\nUser-Agent , X-Forwarded-For and Referer SQLI Fuzzer made with `python`\u003cbr/\u003e\n**Works on `linux` and `unix` based systems**\u003cbr /\u003e\n\u003c/h3\u003e\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003ctd\u003e  \n\n\u003ch3 align=\"center\"\u003e\n\n### Legal Disclaimer\n\u003c/h3\u003e\nUsage of userefuzz for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program\n\u003cbr /\u003e\n\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\n\u003ch1 align=\"center\"\u003e\n\n# Installation\n\u003c/h1\u003e\n\n### pip\n\n```sh\nsudo pip install userefuzz\n```\n\n### setup\n\n```sh\ngit clone https://github.com/root-tanishq/userefuzz\ncd userefuzz\nsudo python3 setup.py install\n```\n\n\u003ch1 align=\"center\"\u003e\n\n# Usage  \n\u003c/h1\u003e\n\u003ch2 align=\"center\"\u003e\n\n## Parsing URLs\n\u003c/h2\u003e\n\n### Parsing a list of URLs\n```sh\n$ userefuzz -l \u003cLIST\u003e\n```\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/root-tanishq/userefuzz/main/images/u_2.1_list.png\"\u003e\n\u003c/p\u003e\n\n### Parsing a URL\n```sh\n$ userefuzz -u \u003cURL\u003e\n```\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/root-tanishq/userefuzz/main/images/u_2.1_url.png\"\u003e\n\u003c/p\u003e\n\n### Parsing stdin URLs \n```sh\n$ \u003cSTDIN LIST\u003e | userefuzz\n```\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/root-tanishq/userefuzz/main/images/u_2.1_stdin.png\"\u003e\n\n\u003e Use `-v` switch for verbose(includes non-vuln detected URLs) output \n\n\u003c/p\u003e\n\u003ch2 align=\"center\"\u003e\n\n## Multi Processing\n\u003c/h2\u003e\n\n\u003e Multi Processing will create more process and will increase the speed of the tool.\n\n```sh\n$ userefuzz \u003cLIST / URL\u003e -w \u003cWORKER COUNT\u003e\n```\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/root-tanishq/userefuzz/main/images/u_2.1_workers.png\"\u003e\n\u003c/p\u003e\n\n\u003ch2 align=\"center\"\u003e\n\n## Proxy Interception And Custom Injection\n\u003c/h2\u003e\n\n### Proxy interception of vulnerable request\n```sh\n$ userefuzz \u003cLIST/URL\u003e -p \u003cPROXY\u003e\n```\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/root-tanishq/userefuzz/main/images/u_2.1_proxy.png\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/root-tanishq/userefuzz/main/images/u_2.1_proxy2.png\"\u003e\n\u003c/p\u003e\n\n### Custom message in request\n```sh\n$ userefuzz \u003cLIST/URL\u003e -m \u003cMESSAGE\u003e\n```\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/root-tanishq/userefuzz/main/images/u_2.1_msg.png\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/root-tanishq/userefuzz/main/images/u_2.1_msg2.png\"\u003e\n\u003c/p\u003e\n\n### Custom payload with custom sleep\n\n\u003e Replace `sleep time` with `$UFZ$` variable for double verification of userefuzz\n\n```sh\n$ userefuzz \u003cLIST/URL\u003e -i \u003cCUSTOM SQLI PAYLOAD\u003e -s \u003cSLEEP COUNT IN THE PAYLOAD\u003e\n```\n\n### Multi payload with custom sleep\n\n\u003e Replace `sleep time` with `$UFZ$` variable for double verification of userefuzz\n\n```sh\n$ userefuzz \u003cLIST/URL\u003e -i \u003cSQLI PAYLOAD FILE\u003e -s \u003cSLEEP COUNT IN THE PAYLOAD\u003e\n```\n\n### Custom header injection\n```sh\n$ userefuzz \u003cLIST/URL\u003e -ch \u003cCUSTOM HEADER NAME\u003e\n```\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/root-tanishq/userefuzz/main/images/u_2.1_finject2.png\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/root-tanishq/userefuzz/main/images/u_2.1_sch2.png\"\u003e\n\u003c/p\u003e\n\n### Multi header injection\n\u003e For multiple headers use `|` as shown below.\n```sh\n$ userefuzz \u003cLIST/URL\u003e -ch \u003cCUSTOM HEADER NAME|OTHER HEADERS\u003e \n```\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/root-tanishq/userefuzz/main/images/u_2.1_mch.png\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/root-tanishq/userefuzz/main/images/u_2.1_mch2.png\"\u003e\n\u003c/p\u003e\n\n\n\u003ch2 align=\"center\"\u003e\n\n## Output\n\u003c/h2\u003e\n\n### Markdown output\n```sh\n$ userefuzz \u003cLIST/URL\u003e -o \u003cOUTPUT FILE NAME WITHOUT EXT\u003e\n```\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/root-tanishq/userefuzz/main/images/u_2.1_output.png\"\u003e\n\u003c/p\u003e\n\n\n\n### Output file content\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://raw.githubusercontent.com/root-tanishq/userefuzz/main/images/u_2.1_out_md.png\"\u003e\n\u003c/p\u003e\n","funding_links":[],"categories":["Python"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Froot-tanishq%2Fuserefuzz","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Froot-tanishq%2Fuserefuzz","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Froot-tanishq%2Fuserefuzz/lists"}