User-Agent , X-Forwarded-For and Referer SQLI Fuzzer made with python
Works on linux
, Windows
and MacOS
based systems
- pip
sudo pip3 install userefuzz
- setup
git clone https://github.com/root_tanishq/userefuzz
cd userefuzz
python3 setup.py install
- kunto
kunto install userefuzz
- Parsing A List of URLS
userefuzz -l <URL LIST>
- Setup proxy for vulnerable requests
userefuzz -l <URL LIST> -p 'http://127.1:8080'
- Custom Message
Custom messages can be send with header for ease of sorting requerts in burpsuite
userefuzz -l <URL LIST> -p 'http://127.1:8080' -m '<Custom Message Here>'
- Custom Payload Injection
userefuzz -l <URL LIST> -i '<CUSTOM SQLI PAYLOAD>' -s <SLEEP ACCORDING TO PAYLOAD>