NucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications.
github.com/0xKayala/NucleiFuzzer
NucleiFuzzer is an automation tool that combines ParamSpider and Nuclei to enhance web application security testing. It uses ParamSpider to identify potential entry points and Nuclei fuzzing templates to scan for vulnerabilities. NucleiFuzzer
streamlines the process, making it easier for security professionals
and web developers to detect and address security risks efficiently.
Download NucleiFuzzer to protect your web applications from vulnerabilities and attacks.
Note: Nuclei + Paramspider = NucleiFuzzer
Important: Make sure the tools Nuclei, httpx & Paramspider are installed on your machine and executing correctly to use the NucleiFuzzer without any issues.
ParamSpider git clone https://github.com/0xKayala/ParamSpider.git
Nuclei git clone https://github.com/projectdiscovery/nuclei.git
Fuzzing Templates git clone https://github.com/0xKayala/fuzzing-templates.git
nf -h
This will display help for the tool. Here are the options it supports.
NucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc. vulnerabilities in Web Applications
Usage: /usr/bin/nf [options]
Options:
-h, --help Display help information
-d, --domain <domain> Domain to scan for XSS, SQLi, SSRF, Open-Redirect..etc vulnerabilities
-f, --file <filename> File containing multiple domains/URLs to scanTo install NucleiFuzzer, follow these steps:
git clone https://github.com/0xKayala/NucleiFuzzer.git && cd NucleiFuzzer && sudo chmod +x install.sh && ./install.sh && nf -h && cd ..
Here are a few examples of how to use NucleiFuzzer:
-
Run
NucleiFuzzeron a single domain:nf -d example.com
Run NucleiFuzzer on multiple domains from a file:
nf -f file.txt
from https://github.com/0xKayala/NucleiFuzzer
No comments:
Post a Comment