Skip to content

floyd-fuh/burp-HttpFuzzer

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 

Repository files navigation

A simple random HTTP fuzzer. This plugin adds ActiveScan checks that fuzz the HTTP request. Using this fuzzer with any standard HTTP server (Apache, Nginx, etc.) is usually useless, but can be fun. It can be used to see the different error conditions a server and the web application code can run into. However, if you are targeting an embedded device HTTP server or anything more exotic you might be more lucky. The plugin does not do any checks and doesn't add any issues. It is recommended to install the Collect500, ResponseClusterer, Logger++ and Error Message Checks plugin to get additional checks. Additionally it is recommended to attach a debugger to the target program on the server (or use strace or another tool of your choice). In it's default configuration the plugin will not do anything, as it is not considered efficient to fuzz every actively scanned request. You need to specify a higher value for the number of tests in the options tab to enable fuzzing.

About

Burp plugin to do random fuzzing of HTTP requests

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages