Afuzz is a powerful automated web path fuzzing tool designed for web security professionals and bug bounty hunters. It scans a target web application and collects its pages, the development language it uses and related statistics in an automated way.

1. Afuzz automatically detects the development language used by the target web application;
2. It filters out invalid pages with a blacklist;
3. It uses a whitelist to find page content that bug bounty hunters are interested in;
4. It filters random content out of pages;
5. It identifies 404 error pages in several different ways;
6. After the scan completes it performs statistical analysis and generates the final results;
7. It supports HTTP/2.
Because the tool is written in Python, you first need a working Python environment on your local machine. Then clone the project source with the following command:

```
git clone https://github.com/rapiddns/Afuzz.git
```

Next, change into the project directory and install the remaining dependencies with pip and the requirements.txt file provided by the project:

```
cd Afuzz
pip install -r requirements.txt
```

Once the dependencies are installed, run the setup script:

```
python setup.py install
```

Alternatively, Afuzz can be installed directly with pip:

```
pip install afuzz
```
```
-h, --help                              show this help message and exit
-u URL, --url URL                       target URL
-o OUTPUT, --output OUTPUT              output file path
-e EXTENSIONS, --extensions EXTENSIONS  extension list, comma separated (e.g. php,aspx,jsp)
-t THREAD, --thread THREAD              number of threads
-d DEPTH, --depth DEPTH                 maximum recursion depth
-w WORDLIST, --wordlist WORDLIST        wordlist file path
-f, --fullpath                          full path
-p PROXY, --proxy PROXY                 proxy (e.g. http://127.0.0.1:8080)
```

```
afuzz -u https://target -e php,html,js,json
afuzz -u https://target -e php,html,js
afuzz -u https://target -d 3
afuzz -e aspx,jsp,php,htm,js,bak,zip,txt,xml -u https://target -t 50
```
```
afuzz -u http://testphp.vulnweb.com -t 30

+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| http://testphp.vulnweb.com/                                                                                                                                                                       |
+-----------------------------+---------------------+--------+-----------------------------------+-----------------------+--------+--------------------------+-------+-------+-----------+----------+
| target                      | path                | status | redirect                          | title                 | length | content-type             | lines | words | type      | mark     |
+-----------------------------+---------------------+--------+-----------------------------------+-----------------------+--------+--------------------------+-------+-------+-----------+----------+
| http://testphp.vulnweb.com/ | .idea/workspace.xml | 200    |                                   |                       | 12437  | text/xml                 | 217   | 774   | check     |          |
| http://testphp.vulnweb.com/ | admin               | 301    | http://testphp.vulnweb.com/admin/ | 301 Moved Permanently | 169    | text/html                | 8     | 11    | folder    | 30x      |
| http://testphp.vulnweb.com/ | login.php           | 200    |                                   | login page            | 5009   | text/html                | 120   | 432   | check     |          |
| http://testphp.vulnweb.com/ | .idea/.name         | 200    |                                   |                       | 6      | application/octet-stream | 1     | 1     | check     |          |
| http://testphp.vulnweb.com/ | .idea/vcs.xml       | 200    |                                   |                       | 173    | text/xml                 | 8     | 13    | check     |          |
| http://testphp.vulnweb.com/ | .idea/              | 200    |                                   | Index of /.idea/      | 937    | text/html                | 14    | 46    | whitelist | index of |
| http://testphp.vulnweb.com/ | cgi-bin/            | 403    |                                   | 403 Forbidden         | 276    | text/html                | 10    | 28    | folder    | 403      |
| http://testphp.vulnweb.com/ | .idea/encodings.xml | 200    |                                   |                       | 171    | text/xml                 | 6     | 11    | check     |          |
| http://testphp.vulnweb.com/ | search.php          | 200    |                                   | search                | 4218   | text/html                | 104   | 364   | check     |          |
| http://testphp.vulnweb.com/ | product.php         | 200    |                                   | picture details       | 4576   | text/html                | 111   | 377   | check     |          |
| http://testphp.vulnweb.com/ | admin/              | 200    |                                   | Index of /admin/      | 248    | text/html                | 8     | 16    | whitelist | index of |
| http://testphp.vulnweb.com/ | .idea               | 301    | http://testphp.vulnweb.com/.idea/ | 301 Moved Permanently | 169    | text/html                | 8     | 11    | folder    | 30x      |
+-----------------------------+---------------------+--------+-----------------------------------+-----------------------+--------+--------------------------+-------+-------+-----------+----------+
```

```json
{
  "result": [
    {
      "target": "http://testphp.vulnweb.com/",
      "path": ".idea/workspace.xml",
      "status": 200,
      "redirect": "",
      "title": "",
      "length": 12437,
      "content_type": "text/xml",
      "lines": 217,
      "words": 774,
      "type": "check",
      "mark": "",
      "subdomain": "testphp.vulnweb.com",
      "depth": 0,
      "url": "http://testphp.vulnweb.com/.idea/workspace.xml"
    },
    {
      "target": "http://testphp.vulnweb.com/",
      "path": "admin",
      "status": 301,
      "redirect": "http://testphp.vulnweb.com/admin/",
      "title": "301 Moved Permanently",
      "length": 169,
      "content_type": "text/html",
      "lines": 8,
      "words": 11,
      "type": "folder",
      "mark": "30x",
      "subdomain": "testphp.vulnweb.com",
      "depth": 0,
      "url": "http://testphp.vulnweb.com/admin"
    },
    {
      "target": "http://testphp.vulnweb.com/",
      "path": "login.php",
      "status": 200,
      "redirect": "",
      "title": "login page",
      "length": 5009,
      "content_type": "text/html",
      "lines": 120,
      "words": 432,
      "type": "check",
      "mark": "",
      "subdomain": "testphp.vulnweb.com",
      "depth": 0,
      "url": "http://testphp.vulnweb.com/login.php"
    },
    {
      "target": "http://testphp.vulnweb.com/",
      "path": ".idea/.name",
      "status": 200,
      "redirect": "",
      "title": "",
      "length": 6,
      "content_type": "application/octet-stream",
      "lines": 1,
      "words": 1,
      "type": "check",
      "mark": "",
      "subdomain": "testphp.vulnweb.com",
      "depth": 0,
      "url": "http://testphp.vulnweb.com/.idea/.name"
    },
    {
      "target": "http://testphp.vulnweb.com/",
      "path": ".idea/vcs.xml",
      "status": 200,
      "redirect": "",
      "title": "",
      "length": 173,
      "content_type": "text/xml",
      "lines": 8,
      "words": 13,
      "type": "check",
      "mark": "",
      "subdomain": "testphp.vulnweb.com",
      "depth": 0,
      "url": "http://testphp.vulnweb.com/.idea/vcs.xml"
    },
    {
      "target": "http://testphp.vulnweb.com/",
      "path": ".idea/",
      "status": 200,
      "redirect": "",
      "title": "Index of /.idea/",
      "length": 937,
      "content_type": "text/html",
      "lines": 14,
      "words": 46,
      "type": "whitelist",
      "mark": "index of",
      "subdomain": "testphp.vulnweb.com",
      "depth": 0,
      "url": "http://testphp.vulnweb.com/.idea/"
    },
    {
      "target": "http://testphp.vulnweb.com/",
      "path": "cgi-bin/",
      "status": 403,
      "redirect": "",
      "title": "403 Forbidden",
      "length": 276,
      "content_type": "text/html",
      "lines": 10,
      "words": 28,
      "type": "folder",
      "mark": "403",
      "subdomain": "testphp.vulnweb.com",
      "depth": 0,
      "url": "http://testphp.vulnweb.com/cgi-bin/"
    },
    {
      "target": "http://testphp.vulnweb.com/",
      "path": ".idea/encodings.xml",
      "status": 200,
      "redirect": "",
      "title": "",
      "length": 171,
      "content_type": "text/xml",
      "lines": 6,
      "words": 11,
      "type": "check",
      "mark": "",
      "subdomain": "testphp.vulnweb.com",
      "depth": 0,
      "url": "http://testphp.vulnweb.com/.idea/encodings.xml"
    },
    {
      "target": "http://testphp.vulnweb.com/",
      "path": "search.php",
      "status": 200,
      "redirect": "",
      "title": "search",
      "length": 4218,
      "content_type": "text/html",
      "lines": 104,
      "words": 364,
      "type": "check",
      "mark": "",
      "subdomain": "testphp.vulnweb.com",
      "depth": 0,
      "url": "http://testphp.vulnweb.com/search.php"
    },
    {
      "target": "http://testphp.vulnweb.com/",
      "path": "product.php",
      "status": 200,
      "redirect": "",
      "title": "picture details",
      "length": 4576,
      "content_type": "text/html",
      "lines": 111,
      "words": 377,
      "type": "check",
      "mark": "",
      "subdomain": "testphp.vulnweb.com",
      "depth": 0,
      "url": "http://testphp.vulnweb.com/product.php"
    },
    {
      "target": "http://testphp.vulnweb.com/",
      "path": "admin/",
      "status": 200,
      "redirect": "",
      "title": "Index of /admin/",
      "length": 248,
      "content_type": "text/html",
      "lines": 8,
      "words": 16,
      "type": "whitelist",
      "mark": "index of",
      "subdomain": "testphp.vulnweb.com",
      "depth": 0,
      "url": "http://testphp.vulnweb.com/admin/"
    },
    {
      "target": "http://testphp.vulnweb.com/",
      "path": ".idea",
      "status": 301,
      "redirect": "http://testphp.vulnweb.com/.idea/",
      "title": "301 Moved Permanently",
      "length": 169,
      "content_type": "text/html",
      "lines": 8,
      "words": 11,
      "type": "folder",
      "mark": "30x",
      "subdomain": "testphp.vulnweb.com",
      "depth": 0,
      "url": "http://testphp.vulnweb.com/.idea"
    }
  ],
  "total": 12,
  "target": "http://testphp.vulnweb.com/"
}
```

1. The wordlist Afuzz uses is a plain text file with one path per line;
2. For extensions, Afuzz replaces the %EXT% keyword with the extensions given by the -e parameter; if -e is not set, the default values are used;
3. A wordlist can also be generated from the domain name: Afuzz replaces %subdomain% with the host, %rootdomain% with the root domain, %sub% with the subdomain and %domain% with the domain name.

Plain extension:

```
index.%EXT%
```

Setting the asp and aspx extensions generates the following wordlist:

```
index
index.asp
index.aspx
```

Host:

```
%subdomain%.%ext%
%sub%.bak
%domain%.zip
%rootdomain%.zip
```

Passing https://test-www.hackerone.com and the php extension generates the following wordlist:

```
test-www.hackerone.com.php
test-www.zip
test.zip
www.zip
testwww.zip
hackerone.zip
hackerone.com.zip
```
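The keyword substitution described above, as an added Python example that is not part of the original page or of Afuzz's own code: it expands a template wordlist into the concrete wordlist for one target URL. The template, the hyphen-splitting of %sub%, the distinction between %EXT% (bare name plus one entry per extension) and %ext% (one entry per extension), and the two-label root-domain rule are assumptions derived from the page's two examples.

```python
from urllib.parse import urlparse

# Constructed template mirroring the page's wordlist examples (%sub% is paired
# with .zip so the output matches the page's listing). This is an added
# illustration of the keyword substitution, not Afuzz's own implementation.
TEMPLATE = ["index.%EXT%", "%subdomain%.%ext%", "%sub%.zip",
            "%domain%.zip", "%rootdomain%.zip"]


def sub_variants(sub):
    """Expand a hyphenated subdomain as the page's example does: the label
    itself, each hyphen-separated part, and all parts joined together."""
    if not sub:
        return []
    parts = sub.split("-")
    return [sub] if len(parts) == 1 else [sub, *parts, "".join(parts)]


def host_parts(url):
    """Map each host keyword to the values it stands for in the target URL.
    Assumption: %rootdomain% is the last two labels and %domain% the label
    before the TLD; that fits hackerone.com but not suffixes such as co.uk."""
    host = urlparse(url).hostname or url
    labels = host.split(".")
    return {"%subdomain%": [host],
            "%sub%": sub_variants(".".join(labels[:-2])),
            "%domain%": [labels[-2] if len(labels) > 1 else labels[0]],
            "%rootdomain%": [".".join(labels[-2:])]}


def expand(template, url, extensions):
    """Return the concrete wordlist for one target URL and extension list.
    Assumption taken from the page's two examples: %EXT% yields the bare name
    plus one entry per extension, while %ext% yields one entry per extension."""
    values = host_parts(url)
    words = []
    for raw in template:
        line = raw.strip()
        candidates = [line] if line else []
        for key, subs in values.items():
            if key in line:  # fan out: one candidate per keyword value
                candidates = [c.replace(key, s) for c in candidates for s in subs]
        for cand in candidates:
            if "%EXT%" in cand:
                words.append(cand.replace(".%EXT%", "").replace("%EXT%", ""))
                words.extend(cand.replace("%EXT%", e) for e in extensions)
            elif "%ext%" in cand:
                words.extend(cand.replace("%ext%", e) for e in extensions)
            else:
                words.append(cand)
    return list(dict.fromkeys(w for w in words if w))  # de-duplicate, keep order
```

Running `expand(TEMPLATE, "https://test-www.hackerone.com", ["php"])` reproduces the seven host-derived entries listed above, preceded by the `index` and `index.php` entries from the first template line.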
Afuzz on GitHub: https://github.com/rapiddns/Afuzz