{ "info": { "author": "n3va", "author_email": "", "bugtrack_url": null, "classifiers": [], "description": "# Fuzdir\nWeb path fuzzer\n\n## Installing\nRun the following command to install with pip:\n```bash\n$ pip3 install fuzdir \n```\nRun the following commands to manually install:\n```bash\n$ git clone https://github.com/n3v4/fuzdir.git fuzdir\n$ cd fuzdir\n$ pip3 install -r requirements.txt\n```\n\n## Usage\nYou can start the process of fuzzing files and directories with the following command:\n```bash\n$ fuzdir.py -u -w \n```\nHelp message:\n```bash\nusage: fuzdir [-h] -u URL -w PATH [-e EXTENSIONS] [-E PATH] [-t THREADS]\n [--timeout TIMEOUT] [--retry RETRY] [--throttling SECONDS]\n [--proxy URL] [--user-agent USER AGENT] [-c COOKIE] [-H HEADER]\n [--allow-redirect] [-v]\n [--plain-report PATH | --json-report PATH] [-x CONDITIONS]\n\noptional arguments:\n -h, --help show this help message and exit\n\nnecessary arguments:\n -u URL, --url URL target URL\n -w PATH, --wordlist PATH\n path to word list\n\nextensions settings:\n -e EXTENSIONS, --extensions EXTENSIONS\n extension list separated by comma\n -E PATH, --extensions-file PATH\n path to file with extensions\n\nconnection settings:\n -t THREADS, --threads THREADS\n the maximum number of threads that can be used to requests, by default 10 threads\n --timeout TIMEOUT connection timeout, by default 5s.\n --retry RETRY number of attempts to connect to the server, by default 3 times\n --throttling SECONDS delay time in seconds (float) between requests sending\n --proxy URL HTTP or SOCKS5 proxy\n usage format:\n [http|socks5]://user:pass@host:port\n\nrequest settings:\n --user-agent USER AGENT\n custom user agent, by default setting random user agent\n -c COOKIE, --cookie COOKIE\n -H HEADER, --header HEADER\n pass custom header(s)\n --allow-redirect allow follow up to redirection\n\nlogging settings:\n -v, --verbose verbose logging\n\nreports settings:\n --plain-report PATH a plain text reporting about the found status code, content length and path\n --json-report PATH a reporting in JSON about the found status code, content length and path\n\nfilter:\n -x CONDITIONS conditions for responses matching\n available conditions:\n code\t\tfilter by status code\n length\tfilter by content length\n grep\t\tfilter by regex in response headers or / and body\n usage format:\n [ignore]::[]=\n examples:\n code=200,500\t\t match responses with 200 or 500 status code\n ignore:code=404\t match responses exclude with 404 status code\n length=0-1337,7331\tmatch responses with content length between 0 and 1337 or equals 7331\n grep='regex'\t\t match responses with 'regex' in headers or body\n grep:body='regex'\t match responses with 'regex' in body\n```\n\n### Extensions\nExtensions can be specified as `.ext` or `ext`, or as a formatted string `%.ext`. For example, if wordlist contains only\n `index`, and the extensions `php`, `.html`, `%.txt`, the following path will be sent to the server:\n```\n/index\n/index.php\n/index.html\n/index.txt\n```\n\n### Throttling\nThrottling allows you to adjust the frequency of sending packets to the server. To do this, you can explicitly pass the\n number of seconds that must elapse before sending the next packet to the server. For example, if the argument\n `--throttling 2.5` is passed to fuzdir, then 1 packet will be sent to the server every 2.5 seconds.\n\nBy default, when throttling isn't set, fuzdir adjusts the throttling value during fuzzing, tracking the response time\n from the server.\n\nThrottling can be completely disabled through `--throttling 0`. \n\n### Custom header(s)\nYou can pass one or more custom headers with `-H` or `--header`. For example, if you pass `-H Platform:web` and\n `-H \"Token: reWfBt1fnbgjEhA6wfs+Uw==\"` the following HTTP-request will be sent to the server:\n```\nGET /path HTTP/1.1\nHost: www.example.com\n...\nPlatform: web\nToken: reWfBt1fnbgjEhA6wfs+Uw==\n...\n```\n\n### Conditions\nConditions is a system for filtering HTTP responses during fuzzing. \n\nUsage format `[ignore]::[]=`\n- `ignore` condition inverting,\n- `condition` condition name,\n- `area` search area (only grep supported),\n- `args` condition arguments.\n\nCurrently it supports the following conditions:\n\n| Condition | Area | Args | Examples |\n| --------- | :---: | ---- | -------- |\n| code | no | list of status codes (or ranges) separated by comma | `-x code=200,500-503` match responses with 200, 500, 501, 502, or 503 status code |\n| length | no | list of lengths (or ranges) separated by comma | `-x length=0-1337,7331` match responses with content length between 0 and 1337 or equals 7331 |\n| grep | headers, body | regex | `-x grep=token` match responses which contains 'token' in headers or body
`-x grep:body=token` match responses which contains 'token' in body |\n\n\n", "description_content_type": "text/markdown", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/n3v4/fuzdir", "keywords": "fuzzing web security bruteforce testing", "license": "Apache-2.0", "maintainer": "", "maintainer_email": "", "name": "fuzdir", "package_url": "https://pypi.org/project/fuzdir/", "platform": "", "project_url": "https://pypi.org/project/fuzdir/", "project_urls": { "Homepage": "https://github.com/n3v4/fuzdir" }, "release_url": "https://pypi.org/project/fuzdir/1.0.0/", "requires_dist": [ "colorama", "pysocks", "requests", "urllib3", "twine ; extra == 'dev'", "wheel ; extra == 'dev'" ], "requires_python": ">=3.4", "summary": "Web path fuzzer", "version": "1.0.0" }, "last_serial": 5787074, "releases": { "1.0.0": [ { "comment_text": "", "digests": { "md5": "a5cdfd7ab64d2c613b89aabf02b444b7", "sha256": "852ca792269018072fbd06e993f54827689bb66d84fbe057ae1c1a3b49fc4fb4" }, "downloads": -1, "filename": "fuzdir-1.0.0-py3-none-any.whl", "has_sig": false, "md5_digest": "a5cdfd7ab64d2c613b89aabf02b444b7", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.4", "size": 36811, "upload_time": "2019-09-05T15:12:03", "url": "https://files.pythonhosted.org/packages/fe/44/9f307a829b01a7c86fb2cbae168214f10ce3a481af664edfa61777925b97/fuzdir-1.0.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "4237b7f8e912b183019202896581da73", "sha256": "55b719737e0288d6b0fedfea098f1bd869130aa692a757e3a173ac4f60c19082" }, "downloads": -1, "filename": "fuzdir-1.0.0.tar.gz", "has_sig": false, "md5_digest": "4237b7f8e912b183019202896581da73", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.4", "size": 19423, "upload_time": "2019-09-05T15:12:06", "url": "https://files.pythonhosted.org/packages/1d/ce/54b7cc40a7ce5bc417d86341ac41eb391e1258b816078df9ee38ee2a6eec/fuzdir-1.0.0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "a5cdfd7ab64d2c613b89aabf02b444b7", "sha256": "852ca792269018072fbd06e993f54827689bb66d84fbe057ae1c1a3b49fc4fb4" }, "downloads": -1, "filename": "fuzdir-1.0.0-py3-none-any.whl", "has_sig": false, "md5_digest": "a5cdfd7ab64d2c613b89aabf02b444b7", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.4", "size": 36811, "upload_time": "2019-09-05T15:12:03", "url": "https://files.pythonhosted.org/packages/fe/44/9f307a829b01a7c86fb2cbae168214f10ce3a481af664edfa61777925b97/fuzdir-1.0.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "4237b7f8e912b183019202896581da73", "sha256": "55b719737e0288d6b0fedfea098f1bd869130aa692a757e3a173ac4f60c19082" }, "downloads": -1, "filename": "fuzdir-1.0.0.tar.gz", "has_sig": false, "md5_digest": "4237b7f8e912b183019202896581da73", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.4", "size": 19423, "upload_time": "2019-09-05T15:12:06", "url": "https://files.pythonhosted.org/packages/1d/ce/54b7cc40a7ce5bc417d86341ac41eb391e1258b816078df9ee38ee2a6eec/fuzdir-1.0.0.tar.gz" } ] }