Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/danymat/ffufify

Convert a Burp request to ffuf command
https://github.com/danymat/ffufify

Last synced: about 1 month ago
JSON representation

Convert a Burp request to ffuf command

Awesome Lists containing this project

README

        

# Ffufify

Converts a burp request to a ffuf command.

## Installation

```
git clone https://github.com/danymat/ffufify.git
cd ffufify
lua ffufify.lua
```

## Example

```
GET /web-security/ HTTP/1.1
Host: portswigger.net
Cookie: Authenticated_UserVerificationId=8CC88CF5...
Sec-Ch-Ua: "Chromium";v="103", ".Not/A)Brand";v="99"
Sec-Ch-Ua-Mobile: ?0
Sec-Ch-Ua-Platform: "macOS"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) ...
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate
Accept-Language: fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7
Connection: close
```

Becomes:

```
$ lua ffufify.lua file /usr/share/wordlists/rockyou.txt

FFUFIFIED:

ffuf -u portswigger.net/web-security/ -X "GET" -w /usr/share/wordlists/rockyou.txt \
-H 'Cookie:Authenticated_UserVerificationId=8CC88CF5...' \
-H 'Sec-Ch-Ua:"Chromium";v="103", ".Not/A)Brand";v="99"' \
-H 'Sec-Ch-Ua-Mobile:?0' \
-H 'Sec-Ch-Ua-Platform:"macOS"' \
-H 'Upgrade-Insecure-Requests:1' \
-H 'User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) ...' \
-H 'Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
-H 'Sec-Fetch-Site:none' \
-H 'Sec-Fetch-Mode:navigate' \
-H 'Sec-Fetch-User:?1' \
-H 'Sec-Fetch-Dest:document' \
-H 'Accept-Encoding:gzip, deflate' \
-H 'Accept-Language:fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7' \
-H 'Connection:close'
```

## Todo

- [ ] Create a generic converter for multiple applications (ffuf, gobuster, wfuzz, etc)
- [ ] Add more parameters
- [x] Support wordlist
- [ ] Support for post data