Paramminer "fuzz" module #860
Closed
liquidsec started this conversation in Module Requests
Replies: 1 comment
this was the seed idea for lightfuzz
In addition to the existing findings, we can emit new event types like "getparam", "header", etc. These could be picked up by a new paramminer module, which could conduct some basic fuzzing against the parameters. Things like simple XSS testing, heuristic-based SQLi testing, etc. This would be much less in scale than a burp scanner, and not be focused on definitively finding vulnerabilities but rather report behavior that is likely to be a vulnerability.
Example: a GET parameter is found with the paramminer module. It gets passed to the paramminer fuzz module, which figures out the text is being reflected into an html attribute, and then sends a double quote to see if escaping the string is possible. This would not, for example, go all the way to finding a fully working XSS payload. It would point to the most likely cases at which you'd likely just bring a fully-developed tool in.
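The two-stage check sketched in the post (classify where a marker value is reflected, then see whether a double quote survives encoding), written out as an added Python example; this is not bbot code, and `vulnerable_app`, `hardened_app` and `text_app` are constructed stand-ins for a web application's response to one GET parameter.

```python
import html
from html.parser import HTMLParser

CANARY = "zq9v7canary"  # constructed marker, unlikely to occur naturally in a page


class _ReflectionFinder(HTMLParser):
    """Record where the marker lands: inside a tag attribute or in a text node."""
    def __init__(self, marker):
        super().__init__()
        self.marker = marker
        self.contexts = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if value and self.marker in value:
                self.contexts.append(("attribute", tag, name))

    def handle_data(self, data):
        if self.marker in data:
            self.contexts.append(("text", None, None))


def reflection_contexts(body, marker=CANARY):
    """Stage 1: classify every reflection of `marker` in an HTML response body."""
    finder = _ReflectionFinder(marker)
    finder.feed(body)
    return finder.contexts


def attribute_escape_check(render, marker=CANARY):
    """Stage 2: send marker + '"' and report whether the quote came back raw or encoded."""
    probe = marker + '"'
    body = render(probe)
    if probe in body:
        return "likely"  # raw quote survived inside an attribute: hand off to a full tool
    if marker + "&quot;" in body or marker + "&#34;" in body:
        return "escaped"  # application HTML-encoded the quote
    return "unknown"  # reflection changed shape; needs a human look


def assess(render, marker=CANARY):
    """Run both stages against a render function mapping a parameter value to a response."""
    contexts = reflection_contexts(render(marker), marker)
    if not any(c[0] == "attribute" for c in contexts):
        return {"contexts": contexts, "verdict": "not-attribute"}
    return {"contexts": contexts, "verdict": attribute_escape_check(render, marker)}


# Constructed stand-ins for an application's response to the "q" GET parameter.
def vulnerable_app(q):
    return f'<input type="text" name="q" value="{q}">'

def hardened_app(q):
    return f'<input type="text" name="q" value="{html.escape(q, quote=True)}">'

def text_app(q):
    return f"<p>Results for {html.escape(q)}</p>"
```

Only the "likely" verdict is worth emitting as a finding; "escaped" is the behavior a correctly encoding template produces and "not-attribute" means the double-quote probe does not apply to that context.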