[M] FuzzerHeaders

Common description

Module using for HTTP headers fuzzing with one or multiple URLs. All list of headers you may get in bases/fuzzer/headers.txt. You must specify list of already known URLs in «--urls-file» param. For every URL WS generate multiple requests with one modified header per once. String from bases/fuzzer/evil-value.txt using as value of header. WS report to you about some headers if server response 500 status code, or if response body contains phrases from file bases/bad-words.txt.

Module work only in «raw» mode.

Examples

URLs headers fuzzing:

./ws.py FuzzerHeaders --urls-file bases/demo/fuzzer-headers.txt

Options (* - necessary)

Name

By default

Description

--urls-file *

Path to already known URLs list. Host of this URLs and target host may not be equal.

--proxies

Yes

Yes

HTTP-proxy list.

--retest-re

Yes

Yes

RegEx (python.re) for check if request repeat is need. For example «Service Temporarily Unavailable».

--retest-codes

Yes

No

Set of status codes (separated by comma) as signature for request re-send.

--headers-file

Yes

No

File with HTTP headers for put it in work requests.

--msymbol

@

Yes

Yes

Mark symbol for search template (--template)

--delay

0

Yes

Yes

Delay in seconds between requests. It's options not for all threads together, it's for every thread separately.

--threads

10

Yes

Yes

Work threads count.

--test

0

Yes

Yes

Test mode enable

--xml-report

0

Yes

Yes

Path to save xml-report