Skip to content

abhinashjain/proxyfuzzer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
certs
certs
 
 
crawler-not working
crawler-not working
 
 
examples
examples
 
 
knock-knock4
knock-knock4
 
 
payloads
payloads
 
 
python-sitemap
python-sitemap
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
ca.crt
ca.crt
 
 
ca.key
ca.key
 
 
cert.key
cert.key
 
 
commandinjection.py
commandinjection.py
 
 
commandinjection.pyc
commandinjection.pyc
 
 
directorytraversal.py
directorytraversal.py
 
 
directorytraversal.pyc
directorytraversal.pyc
 
 
https_trasparent.py
https_trasparent.py
 
 
proxyfuzzer-old.py
proxyfuzzer-old.py
 
 
proxyfuzzer.py
proxyfuzzer.py
 
 
read_json.py
read_json.py
 
 
sessionfixation.py
sessionfixation.py
 
 
sessionfixation.pyc
sessionfixation.pyc
 
 
setup_https_intercept.sh
setup_https_intercept.sh
 
 
subdomains.txt
subdomains.txt
 
 
ycombinator.com.json
ycombinator.com.json
 
 

Repository files navigation

proxyfuzzer

ProxyFuzzer is a proxy which intercept and fuzz the paramters in client request with the common web based attacks and payloads. It's a naive attempt to automate/test for the common web based attacks.

Fuzzing and automating the attacks for the following WebGoat 8.0 challenges:

  1. Bypass a Path Based Access Control Scheme (Directory Traversal)
  2. Command Injection (Command Injection)

Usage:

python2 proxyfuzzer.py 8080 directorytraversal

python2 proxyfuzzer.py 8080 commandinjection

python2 proxyfuzzer.py 8080 sessionfixation

Code taken from:

*proxy2 *knock *python-sitemap *Crawler

About

No description, website, or topics provided.

Resources

Readme

License

BSD-3-Clause license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages