📁
WebScout 1.0a documentation
  • About
  • Quick Start
  • System requirements
  • Install
  • Work modes
  • Run
  • Test mode
  • [M] UrlsDict, UrlsMask & UrlsCombine
  • [M] ContentDiscovery
  • [M] ParamsDict and ParamsMask
  • [M] DnsDict, DnsMask & DnsCombine
  • [M] HostsDict, HostsMask & HostsCombine
  • [M] FuzzerUrls
  • [M] FuzzerHeaders
  • [M] Forms
  • Bases
  • Masks
  • Selenium
  • Proxies
  • TOR
  • XML-reports
  • Logging
  • Troubleshooting
  • Attention
  • Authors / Contacts
Powered by GitBook
On this page
  • Common description
  • Examples
  • Options (* - necessary)

Was this helpful?

[M] FuzzerUrls

Previous[M] HostsDict, HostsMask & HostsCombineNext[M] FuzzerHeaders

Last updated 5 years ago

Was this helpful?

Common description

Module using for URLs params fuzzing. It works by GET mode at this time. You must specify list of already known URLs in «--urls-file» param. For every param WS generate requests with some modifications (one param per once). You can find modification templates in bases/fuzzer/templates.txt. Templates has markers «|name|» for place param's name, and «|value|» for place param's value (from origin URL). For example, for URL « and template «|name|[][]=|value|» WS request next URLs: • • WS report to you about some headers if server response 500 status code, or if response body contains phrases from file bases/bad-words.txt.

Module works in «raw» and «selenium» modes.

Examples

URLs params fuzzing:

./ws.py FuzzerUrls --urls-file bases/demo/fuzzer-urls.txt

Options (* - necessary)

R - available in raw mode S - available in Selenium mode.

Name

By default

R

S

Description

--urls-file *

Yes

Yes

Path to already known URLs list. Host of this URLs and target host may not be equal.

--proxies

Yes

Yes

HTTP-proxy list.

--retest-re

Yes

Yes

RegEx (python.re) for check if request repeat is need. For example «Service Temporarily Unavailable».

--retest-codes

Yes

No

Set of status codes (separated by comma) as signature for request re-send.

--headers-file

Yes

No

File with HTTP headers for put it in work requests.

--msymbol

@

Yes

Yes

Mark symbol for search template (--template)

--delay

0

Yes

Yes

Delay in seconds between requests. It's options not for all threads together, it's for every thread separately.

--threads

10

Yes

Yes

Work threads count.

--test

0

Yes

Yes

Test mode enable

--xml-report

0

Yes

Yes

Path to save xml-report

--selenium

0

No

Yes

Selenium-mode enable

--browser-recreate-re

No

Yes

RegEx (python.re) for detect browser recreation need. If you using proxies, browser select new one.

--browser-wait-re

No

Yes

RegEx (python.re). If match, browser stop working and will wait for match disappear. You may use it for solve captcha by hands or wait for anti-ddos check («wait 5 secs, we check your browser»).

http://site.com/file.php?a=1&b=2»
http://site.com/file.php?a[][]=1&b=2
http://site.com/file.php?a=1&b[][]=2