{
"info": {
"author": "sirpsycho",
"author_email": "",
"bugtrack_url": null,
"classifiers": [
"Development Status :: 3 - Alpha",
"License :: OSI Approved :: MIT License",
"Programming Language :: Python",
"Programming Language :: Python :: 2",
"Programming Language :: Python :: 3"
],
"description": "# PyIntruder\nSimple Command Line URL Fuzzer\n\n\n```\n./PyIntruder.py -h\nUsage: ./PyIntruder.py [options] \n(Use '$' as variable in url that will be swapped out with each payload)\n\nExample: PyIntruder.py http://www.example.com/file/$.pdf payloads.txt\n\nOptions:\n -h, --help show this help message and exit\n -r, --redir Allow HTTP redirects\n -s, --save Save HTTP response content to files\n -o OUT, --out=OUT Directory to save HTTP responses\n ```\n\n\n# Description\nThis script allows a user to quickly test many similar URLs and analyze responses. This can act as a simplified alternative to Burp Suite's \"Intruder\" tool (which heavily rate-limits requests in the free version......).\n\n# Use Case\n\nAs an example, say you observe the following URL:\n```\nhttp://www.example.com/file/74\n```\nWhen accessing the URL, your browser redirects you to a page which automatically downloads a file (this could be any type of file - pdf, doc, exe, mp3, etc.). This is a common method of allowing users of a website to download content. In this particular example, the URL above seems to beg the question: \"I wonder what I might find at 'http://www.example.com/file/75'? ...or at 'http://www.example.com/file/73'?\"\n\nThis program automates the process of attempting to browse to each of these potentially-interesting URLs by automatically cycling through a list of custom \"payloads\". A user can create a list of payloads (say, for example, a list of numbers from 1 through 100) and try each payload in a particular position within the URL (use the dollar-sign character to tell the program where to swap out your payloads within the URL).\n\n```\n./PyIntruder.py http://www.example.com/file/$ payloads.txt\n```\nIn the above command, where \"payloads.txt\" is a text file containing a list of numbers 1 - 100 (one number per line), a user can quickly determine which URLs lead somewhere interesting by comparing HTTP status code, Content-Length, or response time:\n\nsample output:\n```\nroot@kali:~# ./PyIntruder.py http://www.example.com/file/$ payloads.txt\nStatus Length Time Host\n----------------------------------------\n200 0 110.536 http://www.example.com/file/01\n200 0 112.312 http://www.example.com/file/02\n302 0 104.266 http://www.example.com/file/03\n\n...\n\n200 0 137.111 http://www.example.com/file/73\n302 0 120.607 http://www.example.com/file/74\n302 0 108.553 http://www.example.com/file/75\n\n...\n```\nIn this case, it looks like the interesting URLs are the ones that return a 302 HTTP status code (redirect). If all URLs are redirecting and you cant find any other distinguishing factors, try using the \"-r\" option to enable redirection. The redirected results will often contain more interesting/varying content-lengths. The program defaults to disabling the following of redirects. The reason for this is that it is usually much faster and a little less noisy/intrusive, which is good when running an initial scan.\n\n\nIn order to download whatever files might be available at each of these links, you can run a command like this:\n```\n./PyIntruder.py -rs -o /path/to/save/files http://www.example.com/file/$ payloads-refined.txt\n```\n\n- The \"r\" option tells the program to follow redirects\n- The \"s\" option tells the program to save HTTP responses\n- The \"o\" option tells the program where you want to save the responses on your local machine (this option is optional; by default, if \"s\" is used without \"o\", it will save files to the current directory)\n- \"payloads-refined.txt\" is your refined list of payloads. This can be useful in a case like this if you want to weed out a bunch of URLs that you found out don't go anywhere interesting.\n\n\n#Dependencies\nIf it's not already installed, make sure to [install Requests](http://docs.python-requests.org/en/master/user/install/) (try running \"pip install requests\").",
"description_content_type": null,
"docs_url": null,
"download_url": "",
"downloads": {
"last_day": -1,
"last_month": -1,
"last_week": -1
},
"home_page": "https://github.com/sirpsycho/PyIntruder",
"keywords": "pyintruder,http,fuzzer,url,scan",
"license": "MIT",
"maintainer": "",
"maintainer_email": "",
"name": "PyIntruder",
"package_url": "https://pypi.org/project/PyIntruder/",
"platform": "UNKNOWN",
"project_url": "https://pypi.org/project/PyIntruder/",
"project_urls": {
"Homepage": "https://github.com/sirpsycho/PyIntruder"
},
"release_url": "https://pypi.org/project/PyIntruder/0.1.4/",
"requires_dist": [
"requests (>=2.12.4)"
],
"requires_python": "",
"summary": "Command line URL fuzzer",
"version": "0.1.4"
},
"last_serial": 2568312,
"releases": {
"0.1.1": [
{
"comment_text": "",
"digests": {
"md5": "e0ef446752e793055fbe8bd067c22fcf",
"sha256": "0a03ef300ca403a6989a0e880bbe004e33a724b569bec4e3cc01ffaa7263f312"
},
"downloads": -1,
"filename": "PyIntruder-0.1.1-py2-none-any.whl",
"has_sig": false,
"md5_digest": "e0ef446752e793055fbe8bd067c22fcf",
"packagetype": "bdist_wheel",
"python_version": "py2",
"requires_python": null,
"size": 6396,
"upload_time": "2017-01-11T19:03:10",
"url": "https://files.pythonhosted.org/packages/ce/e9/09489324d504b05774e967a41a915730c526e1e6c0791047e0a6caa58ca3/PyIntruder-0.1.1-py2-none-any.whl"
},
{
"comment_text": "",
"digests": {
"md5": "f81be499126c33c8f19ef2204ea8a615",
"sha256": "8a0b3ce0904f77d101cbc59c77b72e89a903ffa638c995242d2e5608bd411f12"
},
"downloads": -1,
"filename": "PyIntruder-0.1.1.tar.gz",
"has_sig": false,
"md5_digest": "f81be499126c33c8f19ef2204ea8a615",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 3535,
"upload_time": "2017-01-11T19:03:12",
"url": "https://files.pythonhosted.org/packages/a5/94/c86826acfb6b4637f27e2744920aab0867e59046b44f1beaa361d950a323/PyIntruder-0.1.1.tar.gz"
}
],
"0.1.2": [
{
"comment_text": "",
"digests": {
"md5": "d2d328193435f3892defc947bee25367",
"sha256": "b5159129fb44ae0bcfd3fcd77074887f548bd18b5f0fc4f0fe255c42989353a0"
},
"downloads": -1,
"filename": "PyIntruder-0.1.2-py2-none-any.whl",
"has_sig": false,
"md5_digest": "d2d328193435f3892defc947bee25367",
"packagetype": "bdist_wheel",
"python_version": "py2",
"requires_python": null,
"size": 7633,
"upload_time": "2017-01-11T21:04:15",
"url": "https://files.pythonhosted.org/packages/2b/30/26b6a7619d10ba015295f73de5a8fd85aa4286d606d76b653dc721d4a55c/PyIntruder-0.1.2-py2-none-any.whl"
}
],
"0.1.3": [
{
"comment_text": "",
"digests": {
"md5": "97ef2f7aa956d49baa2b0e74f0fe63e8",
"sha256": "b6c378f01140f9fb72765a4e2da080fc50da139d9c8e5dded8399404cd98a670"
},
"downloads": -1,
"filename": "PyIntruder-0.1.3-py2-none-any.whl",
"has_sig": false,
"md5_digest": "97ef2f7aa956d49baa2b0e74f0fe63e8",
"packagetype": "bdist_wheel",
"python_version": "py2",
"requires_python": null,
"size": 7930,
"upload_time": "2017-01-11T21:23:05",
"url": "https://files.pythonhosted.org/packages/21/11/2b3a21c31fc6de0a780e8ac1c1e78c0e10ec6481607fa566fc5821a8452e/PyIntruder-0.1.3-py2-none-any.whl"
}
],
"0.1.4": [
{
"comment_text": "",
"digests": {
"md5": "fe7c470009cfe871886219e9520fbef3",
"sha256": "4fc59bb08775bce33a9049f336acf6de4a89437dd7b140348004ca9b71e9ea40"
},
"downloads": -1,
"filename": "PyIntruder-0.1.4-py2-none-any.whl",
"has_sig": false,
"md5_digest": "fe7c470009cfe871886219e9520fbef3",
"packagetype": "bdist_wheel",
"python_version": "py2",
"requires_python": null,
"size": 7926,
"upload_time": "2017-01-11T22:03:55",
"url": "https://files.pythonhosted.org/packages/9c/87/9df6ef286a66d0fd290e7b670425e2df86ee912887d71f299f1d486e62e1/PyIntruder-0.1.4-py2-none-any.whl"
}
]
},
"urls": [
{
"comment_text": "",
"digests": {
"md5": "fe7c470009cfe871886219e9520fbef3",
"sha256": "4fc59bb08775bce33a9049f336acf6de4a89437dd7b140348004ca9b71e9ea40"
},
"downloads": -1,
"filename": "PyIntruder-0.1.4-py2-none-any.whl",
"has_sig": false,
"md5_digest": "fe7c470009cfe871886219e9520fbef3",
"packagetype": "bdist_wheel",
"python_version": "py2",
"requires_python": null,
"size": 7926,
"upload_time": "2017-01-11T22:03:55",
"url": "https://files.pythonhosted.org/packages/9c/87/9df6ef286a66d0fd290e7b670425e2df86ee912887d71f299f1d486e62e1/PyIntruder-0.1.4-py2-none-any.whl"
}
]
}