Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/wdahlenburg/LogicalFuzzingEngine
A Burpsuite extension written in Python to perform basic validation fuzzing
https://github.com/wdahlenburg/LogicalFuzzingEngine
Last synced: 2 months ago
JSON representation
A Burpsuite extension written in Python to perform basic validation fuzzing
- Host: GitHub
- URL: https://github.com/wdahlenburg/LogicalFuzzingEngine
- Owner: wdahlenburg
- License: mit
- Created: 2018-10-31T21:55:04.000Z (about 6 years ago)
- Default Branch: master
- Last Pushed: 2022-10-07T22:52:26.000Z (over 2 years ago)
- Last Synced: 2024-08-02T00:23:09.635Z (6 months ago)
- Language: Python
- Size: 3.91 KB
- Stars: 11
- Watchers: 2
- Forks: 4
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-burp-extensions - LogicalFuzzingEngine - A Burpsuite extension written in Python to perform basic validation fuzzing (Payload Generators and Fuzzers / SSRF)
README
# Logical Fuzzing Engine
A Burpsuite extension written in Python to perform basic validation fuzzing.
This plugin creates an Intruder payload generator to fuzz based on the payloads type.
The engine will attempt to run a series of test for each type. It includes an interpolation technique to modify strings with numbers within them.
Extended Tests can be run to test for SQL Injection, XSS, and Command Injection.
This plugin works best when a Live Task is setup to audit Intruder requests.
### Requirements
[Jython](http://www.jython.org/downloads.html)
### How to use
1. Add the extension into extender
2. Send a request to Intruder
3. Apply the attack type of your choice
4. Switch to the payloads tab
5. Choose Extension-generated for the payload number you want to fuzz
6. Click Select Generator
7. Select Logical Fuzzing Engine
8. Click Start Attack