CRLFsuite - Fast CRLF injection scanning tool

CRLFsuite is a fast tool specially designed to scan CRLF injection.


⬇️ Installation

git clone https://github.com/Nefcore/CRLFsuite.git
cd CRLFsuite
sudo python3 setup.py install
crlfsuite -h

⚙️ Features

  • : Single URL scanning
  • : Multiple URL scanning
  • : Stdin supported
  • : GET & POST method supported
  • : Concurrency
  • : Best Payloads list
  • : Headers supported
  • : ast and efficient scanning with negligible false-positive

📈 Usage

Single URL scanning:

crlfsuite -u "http://testphp.vulnweb.com"

Multiple URLs scanning:

$ crlfsuite -i targets.txt

from stdin:

subfinder -d google.com -silent | httpx -silent | crlfsuite -s

Specifying cookies 🍪:

crlfsuite -u "http://testphp.vulnweb.com" --cookies "key=val; newkey=newval"

Using POST method:

crlfsuite -i targets.txt -m POST -d "key=val&newkey=newval"

🔑 License

🐞 Bug report

If You’re facing some errors or issues with this tool, you can open a issue here:

👉 Open a issue



Share this post




About

Welcome to Cyber-Security.tk my personal blog to share my knowledge
Cyber Security, Ethical Hacking, Web & Network Auditing, Reverse Engineering and Cryptography
This website don't use analytics tracking and is ads-free. JavaScript is enabled .


Contact

Forum : level23hacktools@0x1


2022 © 0x1 | Cyber Security Consulting - Copyright All Rights Reserved