Note: ParamSpider Fuzzing Templates This will display help for the tool. Here are the options it supports. To install Here are a few examples of how to use NucleiFuzzer: Run Run For a Practical Demonstration of the NucleiFuzzer tool see the below video 👇 Contributions are welcome! If you'd like to contribute to Made by
A NucleiFuzzer
is an automation tool that combines ParamSpider
and Nuclei
to enhance web application security testing. It uses ParamSpider
to identify potential entry points and Nuclei
fuzzing templates to scan for vulnerabilities. NucleiFuzzer
streamlines the process, making it easier for security professionals and web developers to detect and address security risks efficiently. Download NucleiFuzzer
to protect your web applications from vulnerabilities and attacks.Nuclei
+ Paramspider
= NucleiFuzzer
Important: Make sure the tools Nuclei
, httpx
& Paramspider
are installed on your machine and executing correctly to use the NucleiFuzzer
without any issues.git clone https://github.com/0xKayala/ParamSpider.git
Nuclei git clone https://github.com/projectdiscovery/nuclei.git
git clone https://github.com/0xKayala/fuzzing-templates.git
nf -h
NucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc. vulnerabilities in Web Applications
Usage: /usr/bin/nf [options]
Options:
-h, --help Display help information
-d, --domain <domain> Domain to scan for XSS, SQLi, SSRF, Open-Redirect..etc vulnerabilities
-f, --file <filename> File containing multiple domains/URLs to scan
NucleiFuzzer
, follow these steps:git clone https://github.com/0xKayala/NucleiFuzzer.git && cd NucleiFuzzer && sudo chmod +x install.sh && ./install.sh && nf -h && cd ..
NucleiFuzzer
on a single domain:nf -d example.com
NucleiFuzzer
on multiple domains from a file:nf -f file.txt
NucleiFuzzer
, please follow these steps:Satya Prakash
| 0xKayala
\Security Researcher
and Bug Hunter
\