Skip to content

Conduct OOB Fuzzing of targets with custom payloads towards callback server

License

Notifications You must be signed in to change notification settings

CasperGN/oobfuzz

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

70 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

oobfuzz

FOSSA Status Total alerts Language grade: Python GitHub stars GitHub forks GitHub license

Conduct OOB Fuzzing of targets with payloads towards callback server

Brought to you with courtesey of Team Entropy, with ❤️ from
@ninposec, @mortensteenrasmussen & @CasperGN

Installation

Pip:

$ sudo pip install OOB-Fuzz

Or clone and install via setup:

$ git clone https://github.com/CasperGN/oobfuzz.git; cd oobfuzz; sudo -H python3 -m pip install .

Reasoning:
OOBFuzz requires GAU to run. As such, we need to apt-get install golang and fetch the binary with go get and move it into /usr/bin. This requires root permissions (unless obscure suid perhaps?) in order to do so. If in doubt, please chech setup.py to ensure that nothing malicious is happening.

Run

Create a folder containing payloads. The package contains examples at either data/payloads/ or when installed via pip in your site-packages/ directory.

$ python -m oobfuzz --payloads /path/to/payload/directory/ --targets targets.txt --threads 17

Or when installed via cloning:

$ python3 fuzzer.py --payloads /path/to/payload/directory/ --targets targets.txt --threads 17

External libs and thanks

License

FOSSA Status

About

Conduct OOB Fuzzing of targets with custom payloads towards callback server

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages