README
¶
Fuzzagotchi
An automatic web fuzzer.
Usage
Automatic Fuzzing
This mode automatically fuzzes directories contains *.txt, *.php, .html, etc.
fuzzagotchi -u https://example.com -w wordlist.txt
Specific Fuzzing
If you want to specify where to fuzz, you can put "EGG" keyword in URL, POST params, etc.
# Directories
fuzzagotchi -u https://example.com/EGG -w wordlist.txt
# Vhosts
fuzzagotchi -u https://example.com -H "Host: EGG.example.com" -w wordlist.txt
# Cookies
fuzzagotchi -u https://example.com -H "Cookie: key=EGG" -w wordlist.txt
Deep Scan
If you want to find more information about the website, you can scan deeply by adding --scan flag.
fuzzagotchi -u https://example.com -w wordlist.txt --scan
Fuzzagotchi scans website and find sensitive information (e.g. username, password, etc.), vulnerabilities, so on.
Using Built-in Wordlists
You can use built-in wordlists by specifying the special keywords as follow.
fuzzagotchi -u https://example.com/?id=EGG -w NUM_0_999
Below are the list of built-in wordlist.
# Alphabets (ALPHA_START_END)
ALPHA_A_Z
ALPHA_F_Q
# Numbers (NUM_START_END)
NUM_0_100
NUM_0000_9999
Installation
The easiest way of installation is to install using go binary.
Your system needs to have go.
Install with Go
go install github.com/hideckies/fuzzagotchi@latest
Clone This Repo & Build
Another way, you can clone this repository and build.
git clone https://github.com/hideckies/fuzzagotchi.git
cd fuzzagotchi
go get ; go build
Documentation
¶
There is no documentation for this package.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.