Find Crlf injection vulnerable endpoints

Installation:

Using Go

▶ go install github.com/ferreiraklet/Frizz@latest

From git clone

▶ git clone https://github.com/ferreiraklet/Frizz.git
▶ cd Frizz
▶ go build frizz.go
▶ chmod +x Frizz
▶ ./Frizz -h

Usage

Basically, what you need to do is, specify the header value of what you are trying to inject using crlf ->

OBS: The url need protocol, http, https.

Stdin - Single URL and from list

$ echo "http://127.0.0.1:8080/?q=%0d%0aSet-Cookie:crlf=injection" | frizz -payload "crlf=injection"

$ cat targets.txt | frizz -payload "crlf=injection

Adding Headers

$ echo "http://127.0.0.1:8080/?q=%0d%0aSet-Cookie:crlf=injection" | frizz -payload "crlf=injection" -H "Customheader1: value1;cheader2: value2"

Using Proxy

$ cat targets | frizz -payload "crlf=injection" --proxy "http://yourproxy"

$ cat list.txt | frizz -payload "crlf=injection" --only-poc

Check out some of my other programs

Nilo - Checks if URL has status 200

AiriXSS - Looking for xss reflected

Jeeves - Time based blind Injection Scanner

This project is for educational and bug bounty porposes only! I do not support any illegal activities!.

If any error in the program, talk to me immediatly.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

Find Crlf injection vulnerable endpoints

Contents:

Installation:

Usage

Stdin - Single URL and from list

Adding Headers

Using Proxy

Check out some of my other programs

This project is for educational and bug bounty porposes only! I do not support any illegal activities!.

Files

README.md

Latest commit

History

README.md

File metadata and controls

Find Crlf injection vulnerable endpoints

Contents:

Installation:

Usage

Stdin - Single URL and from list

Adding Headers

Using Proxy

Check out some of my other programs

This project is for educational and bug bounty porposes only! I do not support any illegal activities!.