CRLFMap is a tool to find HTTP Splitting vulnerabilities.
Why?
Installation
go get github.com/ryandamour/crlfmap
Help
Available Commands:
help Help about any command
scan A scanner for all your CRLF needs
Flags:
-h, –help help for crlfmap
Scan Usage
crlfmap scan –domains domains.txt –output results.txt
———————————————————————————————
v0.0.1
———————————————————————————————
:: Domains : domains.txt
:: Payloads : payloads.txt
:: Threads : 1
:: Output : results.txt
:: User Agent : Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
:: Timeout : 10
:: Delay : 0
——————————————————————————————————————–
[+]http://localhost:3000/v1/%0AInjected-Header:CRLFInjecttest.json: is Vulnerable
[+]http://localhost:3000/v1/%20%0AInjected-Header:CRLFInjecttest.json: is Vulnerable
What is a Software Supply Chain Attack? A software supply chain attack occurs when a…
When people ask how UDP works, the simplest answer is this: UDP sends data quickly…
Endpoint Detection and Response (EDR) solutions have become a cornerstone of modern cybersecurity, designed to…
A large-scale malware campaign leveraging AI-assisted development techniques has been uncovered, revealing how attackers are…
How Does a Firewall Work Step by Step? What Is a Firewall and How Does…
People trying to securely connect to work are being tricked into doing the exact opposite.…