CRLF injection scanner

CRLFsuite

The most powerful CRLF injection (HTTP Response Splitting) scanner. CRLFsuite – CRLF injection scanner

CRLFsuite is a fast tool specially designed to scan CRLF injection.

CRLF
CRLF

Installation

$ git clone https://github.com/Nefcore/CRLFsuite.git
$ cd CRLFsuite
$ sudo python3 setup.py install
$ crlfsuite -h

Features

heavy_check_mark Single URL scanning

heavy_check_mark Multiple URL scanning

heavy_check_mark WAF detection

heavy_check_mark XSS through CRLF injection

heavy_check_mark Stdin supported

heavy_check_mark GET & POST method supported

heavy_check_mark Concurrency

heavy_check_mark Powerful payloads (WAF evasion payloads are also included)

heavy_check_mark Fast and efficient scanning with negligible false-positive

Arguments

ArgumentDiscription
-u/–urltarget URL
-i/–import-urlsImport targets from the file
-s/–stdinScan URLs from stdin
-o/–outputPath for output file
-m/–methodRequest method (GET/POST)
-d/–dataPOST data
-uA/–user-agentSpecify User-Agent
-To/–timeoutConnection timeout
-c/–cookiesSpecify cookies
-v/–verifyVerify SSL cert.
-t/–threadsNumber of concurrent threads
-sB/–skip-bannerSkip banner and args info
-sP/–show-payloadsShow all the available CRLF payloads

Usage

Single URL scanning:

$ crlfsuite -u "http://testphp.vulnweb.com"

Multiple URLs scanning:

$ crlfsuite -i targets.txt

from stdin:

$ subfinder -d google.com -silent | httpx -silent | crlfsuite -s

Specifying cookies:

$ crlfsuite -u "http://testphp.vulnweb.com" --cookies "key=val; newkey=newval"

Using POST method:

$ crlfsuite -i targets.txt -m POST -d "key=val&newkey=newval"

License

MIT LICENSE

Bug report

If You’re facing some errors or issues with this tool, you can open a issue here:

Open a issue

The CRLF Suite is a github repository by Nefcore Security