Skip to content

The most powerful CRLF injection (HTTP Response Splitting) scanner.

License

Notifications You must be signed in to change notification settings

Raghavd3v/CRLFsuite

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CRLFsuite - CRLF injection scanner

made-with-python GitHub release PyPI license GitHub forks GitHub contributors


The project is no more managed by developers.

CRLFsuite is a powerful tool for CRLF injection detection and exploitation. Want to know how it works. Here's how

Installation

You can install CRLFsuite using pip as given below:

pip3 install crlfsuite

or download this repository and run the following command:

sudo python3 setup.py install

Features

  • Single URL scanning

  • Multiple URL scanning

  • Stdin supported

  • WAF detection

  • Powerful payload generator

  • CRLF Injection to XSS Chaining feature

  • GET & POST method supported

  • Concurrency

  • Fast and efficient scanning with negligible false-positive

Newly added in v2.5.1:

  • Json & Text ouput supported

  • Multiple headers supported

  • Verbose output supported

  • Scan can be resumed after CTRL^C is pressed

  • Added heuristic (basic) scanner

  • Compatibility with windows

credits