Skip to content

Latest commit

 

History

History
83 lines (52 loc) · 2.19 KB

README.md

File metadata and controls

83 lines (52 loc) · 2.19 KB
Raw

CRLFsuite

made-with-python PyPI license GitHub release GitHub forks GitHub contributors

CRLFsuite is a fast tool specially designed to scan CRLF injection.

⬇️ Installation

$ git clone https://github.com/Nefcore/CRLFsuite.git
$ cd CRLFsuite
$ sudo python3 setup.py install
$ crlfsuite -h

⚙️ Features

✔️ Single URL scanning

✔️ Multiple URL scanning

✔️ Stdin supported

✔️ GET & POST method supported

✔️ Concurrency

✔️ Best Payloads list

✔️ Headers supported

✔️ Fast and efficient scanning with negligible false-positive

📈 Usage

Single URL scanning:

$ crlfsuite -u "http://testphp.vulnweb.com"

Multiple URLs scanning:

$ crlfsuite -i targets.txt

from stdin:

$ subfinder -d google.com -silent | httpx -silent | crlfsuite

Specifying cookies 🍪:

$ crlfsuite -u "http://testphp.vulnweb.com" --cookies "key=val; newkey=newval"

Using POST method:

$ crlfsuite -i targets.txt -m POST -d "key=val&newkey=newval"

🔑 License

👉 MIT LICENSE

🐞 Bug report

If You're facing some errors or issues with this tool, you can open a issue here:

👉 Open a issue