crlf-injector

CRLF Injector

A tool designed to exploit vulnerabilities in web applications by injecting Carriage Return Line Feed (CRLF) characters into HTTP parameters or URLs.

A CRLF ( Carriage Return Line Feed ) Injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL.

GitHub

46 stars
1 watching
21 forks
Language: Python
last commit: over 2 years ago
bugbountycrlf-injectionpythontoolshacking

Related projects:

Repository Description Stars
ualvesdias/crlfbruter A tool to test for vulnerabilities in URL injection attacks involving CRLF characters 10
michaelstott/crlf-injection-scanner Tool to detect CRLF injection vulnerabilities in web applications 159
raghavd3v/crlfsuite A powerful tool for detecting and exploiting CRLF injection vulnerabilities in web applications 555
dwisiswant0/crlfuzz Tools to scan CRLF vulnerability in web servers 1,333
r0075h3ll/oralyzer A tool to identify vulnerabilities in web applications by probing for Open Redirections and other types of attacks. 753
kpcyrd/rshijack A tool that hijacks TCP connections by injecting packets into existing connections to intercept data 463
tomcarver16/bof-dll-inject A tool for injecting malware into processes by mapping it to memory without registering it with the kernel. 147
0xinfection/xsrfprobe A toolkit designed to test and exploit Cross-Site Request Forgery vulnerabilities in websites. 1,109
lucasb-eyer/pydensecrf A Python wrapper for fully connected CRFs with Gaussian edge potentials used in computer vision and machine learning. 1,952
0ang3el/easycsrf An extension that automatically modifies certain HTTP requests to reveal potential CSRF vulnerabilities in web applications. 159
crufter/haquery Allows HTML manipulation and template rendering using CSS selectors familiar to web developers 65
ustayready/credsniper A phishing framework that captures 2FA tokens and provides secure access to credentials 1,332
mindpatch/lorsrf A tool designed to identify parameters in web applications that can be exploited for SSRF or out-of-band resource load attacks. 289
chvancooten/nimplant A lightweight tool for embedding custom code into existing applications to perform specific tasks without requiring user interaction. 801
websecnl/magicbyteselector A Burp Suite extension that inserts specific bytes into requests to bypass security checks for certain file types. 21