Skip to content

gi0cann/pandushi

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

44 Commits

fuzzer

fuzzer

 
 

payloads

payloads

 
 

sample

sample

 
 

test/requests

test/requests

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

main.go

main.go

 
 

Repository files navigation

Pandushi is a web application fuzzer

Pandushi keeps track of every fuzz case and the injection type used for later manual analysis.

Key features

  • Store every request and response with their injection and injection type (sqli, xss, xxe, cmdi, os injection, etc.)
  • Extensible collection of payloads

Wish list

  • Add option to scan data to a file by passing file:// URI on the command line.
  • Add option to scan data to mongodb by passing mongodb:// URI on the command line.
  • Add option to scan data to elasticsearch by passing elastic:// URI on the command line.
  • Add option to scan data to an REST API by passing http:// URI on the command line.
  • Build front-end to analyze the scan data

TODO

  • Create injection/payload type
  • Create custom http request type
  • Create custom http response type
  • Create TestCase type to countain information about each individual injection (Request, Response, injection, injection type, injeciton point type, injection point location, total duration, status, response code)
  • Create function to count total injection points, url path injection points, query injection points, header injection points, cookie injection points, body injection points
  • Inject request headers
  • Inject request body x-www-form-urlencoded parameters
  • Inject request body multipart/form-data parameters
  • Inject request body application/json parameters
  • Inject request body application/xml parameters
  • Inject request query parameters
  • Inject request uri path
  • Inject marked (§§) requests
  • Store finished task with testcase in mongodb
  • Add check to make sure target is live before initiating scan
  • Write payload importer
  • Deduplicate payloads
  • Force https

Design notes

  • Create different a type of fuzzing tasks for each injection point type (url path, query parameters, headers, cookies, request body x-www-form-urlencoded, request body multipart/form-data, request body json)
  • Each injection point types get its own function that takes a list of injection types (sqli, xss, xxe, etc.)
  • These functions will follow the following pattern:
    1. For each injection point
    2. Grab all inputs from the mongodb database
    3. Loop over the inputs
    4. Create a new request for the current input
    5. Send the newly created request or add it to a queue TBD (To be decided)
    6. Get Response and store Request and Response with injection info to mongodb

Approach #1 for injecting parameters into a request

Query parameters

  1. inject payload in URL.RawQuery or http.Request.Form
  2. Submit request

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages