CRLFMap is a tool to find HTTP Splitting vulnerabilities.
Why?
Installation
go get github.com/ryandamour/crlfmap
Help
Available Commands:
help Help about any command
scan A scanner for all your CRLF needs
Flags:
-h, –help help for crlfmap
Scan Usage
crlfmap scan –domains domains.txt –output results.txt
———————————————————————————————
v0.0.1
———————————————————————————————
:: Domains : domains.txt
:: Payloads : payloads.txt
:: Threads : 1
:: Output : results.txt
:: User Agent : Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
:: Timeout : 10
:: Delay : 0
——————————————————————————————————————–
[+]http://localhost:3000/v1/%0AInjected-Header:CRLFInjecttest.json: is Vulnerable
[+]http://localhost:3000/v1/%20%0AInjected-Header:CRLFInjecttest.json: is Vulnerable
Java remains one of the most widely used programming platforms for servers, enterprise applications, Android…
Ubuntu users often download software directly from developer websites instead of using the default app…
Installing Ubuntu 26.04 LTS is only the first step toward building a smooth, secure, and…
What is a Software Supply Chain Attack? A software supply chain attack occurs when a…
When people ask how UDP works, the simplest answer is this: UDP sends data quickly…
Endpoint Detection and Response (EDR) solutions have become a cornerstone of modern cybersecurity, designed to…