nozaki
HTTP fuzzer engine security oriented
I think it would be interesting to have a feature to do recursively on found paths or links that were found on this host, which are from the same origin......
It would be amazing if somehow we could fuzz multiple values and multiple contexts. Imagine if a user can use: #6, #7, #8 feature in the unique command
**Context** Sending data in the request body, especially with methods like POST, is a common attack vector for vulnerabilities such as SQL Injection, SSRF, RCE, and XSS. Implementing fuzzing for...
**Context:** HTTP header fuzzing is crucial for identifying vulnerabilities related to header manipulation, such as injections or exploitation of specific fields. **What is needed to do:** Add a new command-line...
Something like:
```
$ nozaki.pl -m GET -u https://target.com/login.php?${substrings} --wordlist substrings.txt
```
It would be interesting if the fuzzer itself identified some of the technologies used by the application and, consequently, took the freedom to decide which wordlists to use. References: 1. https://github.com/iustin24/chameleon
**Context:** Filtering requests by content type (Content-Type) is essential for highlighting relevant responses, especially in applications that return multiple formats (e.g., JSON, HTML, etc.). This feature would be particularly useful...