Skip to content

CasperGN/oobfuzz

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

70 Commits
.github
.github
 
 
oobfuzz
oobfuzz
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
MANIFEST.in
MANIFEST.in
 
 
README.md
README.md
 
 
fuzzer.py
fuzzer.py
 
 
setup.py
setup.py
 
 

Repository files navigation

oobfuzz

FOSSA Status Total alerts Language grade: Python GitHub stars GitHub forks GitHub license

Conduct OOB Fuzzing of targets with payloads towards callback server

Brought to you with courtesey of Team Entropy, with ❤️ from
@ninposec, @mortensteenrasmussen & @CasperGN

Installation

Pip:

$ sudo pip install OOB-Fuzz

Or clone and install via setup:

$ git clone https://github.com/CasperGN/oobfuzz.git; cd oobfuzz; sudo -H python3 -m pip install .

Reasoning:
OOBFuzz requires GAU to run. As such, we need to apt-get install golang and fetch the binary with go get and move it into /usr/bin. This requires root permissions (unless obscure suid perhaps?) in order to do so. If in doubt, please chech setup.py to ensure that nothing malicious is happening.

Run

Create a folder containing payloads. The package contains examples at either data/payloads/ or when installed via pip in your site-packages/ directory.

$ python -m oobfuzz --payloads /path/to/payload/directory/ --targets targets.txt --threads 17

Or when installed via cloning:

$ python3 fuzzer.py --payloads /path/to/payload/directory/ --targets targets.txt --threads 17

External libs and thanks

License

FOSSA Status

About

Conduct OOB Fuzzing of targets with custom payloads towards callback server

Topics

fuzzing pentesting bugbounty

Resources

Readme

License

MIT license
Activity

Stars

6 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases 1

OOB-Fuzz-v0.1.0 Latest
Sep 17, 2020

Packages

 
 
 

Contributors

Languages