michaelstott / crlf-injection-scanner Goto Github PK
View Code? Open in Web Editor NEWCommand line tool for testing CRLF injection on a list of domains.
Command line tool for testing CRLF injection on a list of domains.
So I usually use this tool on a massive list of urls, like more than 2000 urls. I usually leave this tool running for hours.
It would be very helpful for us if there would be an argument that can help us in hiding the verbose and only showing the urls in which CRLF gets detected. Because it gets very hard to look for CRLF detection from a list of tens of thousands of generated URLS.
Thanks
Right Now tool is working slow when we supply list of domains , it will be great if multi thread can be add which will make tool faster.
hey dude,
was just testing this against my site that is protected by cloudflare.
Seeing it throwing this exception.
root@550958ca128c:/Sublist3r# python crlf_scan.py -i xsses.rocks.txt -o output.txt
Starting scan of domain www.xsses.rocks
Scanning http://www.xsses.rocks/.
Exception AttributeError: "'_SocketDuckForFd' object has no attribute '_closed'" in <bound method _SocketDuckForFd.__del__ of _SocketDuckForFd:8> ignored
Exception AttributeError: "'_SocketDuckForFd' object has no attribute '_closed'" in <bound method _SocketDuckForFd.__del__ of _SocketDuckForFd:9> ignored
Error occured when scanning with http protocol.
Scanning https://www.xsses.rocks/.
Exception AttributeError: "'_SocketDuckForFd' object has no attribute '_closed'" in <bound method _SocketDuckForFd.__del__ of _SocketDuckForFd:10> ignored
Exception AttributeError: "'_SocketDuckForFd' object has no attribute '_closed'" in <bound method _SocketDuckForFd.__del__ of _SocketDuckForFd:12> ignored
Error occured when scanning with https protocol.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.