Skip to content

Instantly share code, notes, and snippets.

@c0d3x27

c0d3x27/fuzzing.py

Last active March 28, 2021 14:02
Show Gist options
  • Save c0d3x27/268df39b864a6073fa3daae3c118f950 to your computer and use it in GitHub Desktop.
Save c0d3x27/268df39b864a6073fa3daae3c118f950 to your computer and use it in GitHub Desktop.
Download ZIP
the directory wordlist from dirsearch repository
Raw
fuzzing.py
import requests
import wfuzz
import checkdomains
wordlist = requests.get('https://raw.githubusercontent.com/maurosoria/dirsearch/master/db/dicc.txt').text.split("\n")
domains = open("bug-bounty-domains-2.txt", "r")
payloads = wfuzz.get_payload(wordlist)
for domain in domains.readlines():
subdomains = open(domain.rstrip("\n") + "_subdomains.txt", "r")
for subdomain in subdomains.readlines():
urls = checkdomains.isdomainlive(subdomain.rstrip("\n"))
if urls:
for url in urls:
print("Fuzzing - " + url)
try:
fuzzer = payloads.fuzz(url = url + "/FUZZ", sc = [200])
for result in fuzzer:
print(result)
except: pass
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment