https://github.com/root-tanishq/userefuzz

User-Agent, X-Forwarded-For and Referer SQLI Fuzzer
hacking hacking-tool penetration-testing pentest-tool python

[![PYPI](https://img.shields.io/badge/PYPI-UseReFuzz-orange)](https://pypi.org/project/userefuzz/)
[![MIT](https://img.shields.io/github/license/root-tanishq/userefuzz)](https://github.com/root-tanishq/userefuzz/blob/main/LICENSE)
[![Version](https://img.shields.io/badge/Latest--Version-2.2.0-brightgreen)](#)
[![Twitter URL](https://img.shields.io/twitter/url/https/twitter.com/root_tanishq.svg?style=social&label=Follow%20%40root_tanishq)](https://twitter.com/root_tanishq)

[![Youtube](https://img.shields.io/youtube/channel/subscribers/UC0HLRnmOx3x_hsAGAdG9VaQ?style=social)](https://www.youtube.com/@boyfromfuture69)
[![Github](https://img.shields.io/github/stars/root-tanishq/userefuzz?style=social)](https://github.com/root-tanishq/userefuzz/stargazers)
[![Expy](https://img.shields.io/badge/Author-Tanishq%20Rathore-blue)](https://expy.bio/tanishq)

User-Agent, X-Forwarded-For and Referer SQLI Fuzzer made with `python`

**Works on `linux` and `unix` based systems**

### Legal Disclaimer


Usage of userefuzz for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

# Installation

### pip

```sh
sudo pip install userefuzz
```

### setup

```sh
git clone https://github.com/root-tanishq/userefuzz
cd userefuzz
sudo python3 setup.py install
```

# Usage


## Parsing URLs

### Parsing a list of URLs
```sh
$ userefuzz -l
```



### Parsing a URL
```sh
$ userefuzz -u
```



### Parsing stdin URLs
```sh
$ | userefuzz
```


> Use the `-v` switch for verbose output (includes URLs where no vulnerability was detected)


## Multi Processing

> Multiprocessing creates more processes and increases the speed of the tool.

```sh
$ userefuzz -w
```



## Proxy Interception And Custom Injection

### Proxy interception of vulnerable request
```sh
$ userefuzz -p
```




### Custom message in request
```sh
$ userefuzz -m
```




### Custom payload with custom sleep

> Replace the sleep time with the `$UFZ$` variable for userefuzz's double verification

```sh
$ userefuzz -i -s
```

### Multi payload with custom sleep

> Replace the sleep time with the `$UFZ$` variable for userefuzz's double verification

```sh
$ userefuzz -i -s
```

### Custom header injection
```sh
$ userefuzz -ch
```




### Multi header injection
> For multiple headers use `|` as shown below.
```sh
$ userefuzz -ch
```




## Output

### Markdown output
```sh
$ userefuzz -o
```



### Output file content