Skip to content

NucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications

Notifications You must be signed in to change notification settings

0xKayala/NucleiFuzzer

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 

Repository files navigation

NucleiFuzzer = Nuclei + Paramspider

NucleiFuzzer is an automation tool that combines ParamSpider and Nuclei to enhance web application security testing. It uses ParamSpider to identify potential entry points and Nuclei fuzzing templates to scan for vulnerabilities. NucleiFuzzer streamlines the process, making it easier for security professionals and web developers to detect and address security risks efficiently. Download NucleiFuzzer to protect your web applications from vulnerabilities and attacks.

Note: Nuclei + Paramspider = NucleiFuzzer

Important: Make sure the tools Nuclei, httpx & Paramspider are installed on your machine and executing correctly to use the NucleiFuzzer without any issues.

Tools included:

ParamSpider git clone https://github.com/0xKayala/ParamSpider.git

Nuclei git clone https://github.com/projectdiscovery/nuclei.git

Templates:

Fuzzing Templates git clone https://github.com/0xKayala/fuzzing-templates.git

Screenshot

image

Output

image image image image

Usage

nf -h

This will display help for the tool. Here are the options it supports.

NucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc. vulnerabilities in Web Applications

Usage: /usr/bin/nf [options]

Options:
  -h, --help              Display help information
  -d, --domain <domain>   Domain to scan for XSS, SQLi, SSRF, Open-Redirect..etc vulnerabilities
  -f, --file <filename>   File containing multiple domains/URLs to scan

Installation:

To install NucleiFuzzer, follow these steps:

git clone https://github.com/0xKayala/NucleiFuzzer.git && cd NucleiFuzzer && sudo chmod +x install.sh && ./install.sh && nf -h && cd ..

Examples:

Here are a few examples of how to use NucleiFuzzer:

  • Run NucleiFuzzer on a single domain:

    nf -d example.com
  • Run NucleiFuzzer on multiple domains from a file:

    nf -f file.txt

Practical Demonstration:

For a Practical Demonstration of the NucleiFuzzer tool see the below video 👇

Star History

Star History Chart

Contributing

Contributions are welcome! If you'd like to contribute to NucleiFuzzer, please follow these steps:

  1. Fork the repository.
  2. Create a new branch.
  3. Make your changes and commit them.
  4. Submit a pull request.

Made by Satya Prakash | 0xKayala \

A Security Researcher and Bug Hunter \

Connect with me:

0xkayala 0xkayala 0xkayala @0xkayala 0xkayala

Support me:

0xKayala



About

NucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications

Topics

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages