mirror of
https://github.com/projectdiscovery/nuclei.git
synced 2025-12-21 18:05:26 +00:00
b9472cf7e1
* Added fuzzing support for query params + var dump feature * Added query-fuzz integration test * Fixed payloads + added keys-regex fuzz parameter * Fixed interactsh not working + misc * Fixed evaluation + added global variables/dsl support to payloads * Misc fixes related to variables evaluations * Added http variables support to fuzz * misc * Misc * Added testing playground + misc renaming * Added support for path and raw request to fuzzing * Fixed fuzz integration test * Fixed variable unresolved issue * Add multiple parameter support with same name * Added parameter value as 'value' dsl variable for parts Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
28 lines
468 B
YAML
28 lines
468 B
YAML
id: fuzz-query
|
|
|
|
info:
|
|
name: Basic Fuzz URL Query
|
|
author: pdteam
|
|
severity: info
|
|
|
|
requests:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}"
|
|
fuzzing:
|
|
- part: query
|
|
type: postfix
|
|
mode: single
|
|
keys: ["id"]
|
|
fuzz: ["6842'\"><"]
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- "6842'\"><"
|
|
- type: word
|
|
part: header
|
|
words:
|
|
- "text/html"
|