It is used for Weaponizing WaybackUrls for OSINT, Sensitive Endpoints, Recon, BugBounties, and other purposes.
- The ability to look for /api/ endpoints
- Look up a JSON endpoint
- Retrieve any potential Conf(configuration) endpoints
- You may add your own Custom List or all potentially sensitive occurrences in the URL from TheTimeMachine (Searches from Fuzz List).
- Downloads domain names from waybackurl
- Search using a custom term of your choosing, such as backup or.log.
- Attack Mode (Looked for potential endpoints that might be vulnerable to SQLi, LFI, XSS, Open Redirect, and JIRA Based Vulnerabilities) PS: There will be more shortly.
- Only get parameters from any file (e.g., extracted from attack mode or any URLs file, or, depending on your creativity, from far back urls) is compatible with the burp spider file)
- All of the files that were examined for XSS, LFI, Fuzz, etc., may be manually edited.
Disclaimer: The intended use for the tool is strictly educational and should not be used for any other purpose.
Download Link: https://github.com/Proviesec/PSFuzz