
Vaf is a cross-platform very advanced and fast web fuzzer written in nim


d4rckh/vaf


vaf - very advanced (web) fuzzer


vaf is a cross-platform web fuzzer with a lot of features. Some of its features include:

  • Grepping
  • Outputting results to a file
  • Status code filtering
  • Detecting reflexiveness (useful for finding XSS)
  • Adding prefixes and suffixes
  • Custom wordlists
  • Fuzzing any part of the URL
  • Fuzzing POST data
  • URL-encoding payloads
  • Your own feature!
  • And more...

Installing

These are the ways to install vaf:

  • By downloading the pre-compiled binaries from the releases page and adding them manually to your path
  • By running the install.sh bash script, which will download Nim, build vaf from source and then link the binary to /usr/bin (make sure to chmod +x install.sh)

Usage

Using vaf is very simple; here's the current help menu:

Usage:
  vaf [options]

Options:
  -h, --help
  -u, --url=URL              choose url, replace area to fuzz with []
  -w, --wordlist=WORDLIST    choose the wordlist to use
  -sc, --status=STATUS       set on which status to print, set this param to 'any' to print on any status (default: 200)
  -pr, --prefix=PREFIX       prefix, e.g. set this to / for content discovery if your url doesnt have a / at the end (default: )
  -sf, --suffix=SUFFIX       suffix, e.g. use this for extensions if you are doing content discovery (default: )
  -pd, --postdata=POSTDATA   only used if '-m post' is set (default: {})
  -m, --method=METHOD        the method to use PSOT/GET (default: GET)
  -g, --grep=GREP            greps for a string in the response (default: )
  -o, --output=OUTPUT        Output the results in a file (default: )
  -pif, --printifreflexive   print only if the output reflected in the page, useful for finding xss
  -ue, --urlencode           url encode the payloads
  -pu, --printurl            prints the url that has been requested

Examples

Fuzz post data:

vaf.exe -w example_wordlists\short.txt -u https://jsonplaceholder.typicode.com/posts -m post -sc 201 -pd "{\"title\": \"[]\"}"

Fuzz GET URLs:

vaf.exe -w example_wordlists\short.txt -u https://example.org/[] -sf .html

Some tips

  • Add a trailing , to the suffixes or prefixes argument to also try the word without any suffix/prefix, like this: -pr .php, or -sf .php,
  • Use -pif with a bunch of XSS payloads as the wordlist to find XSS
  • Make an issue if you want to suggest a feature
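
What a reflection hit from a check like -pif does and does not tell you, as an added Python example that is not vaf's own code. It assumes the check is a verbatim substring match of the payload in the response body; the render functions, payload list and all names are constructed for illustration.

```python
# Added illustration, not vaf's source. All names are hypothetical.
import html

# Constructed sample payloads standing in for a wordlist.
PAYLOADS = [
    "<script>alert(1)</script>",
    "\"><img src=x onerror=alert(1)>",
    "plainword",
]


def render_unsafe(q: str) -> str:
    """Constructed page that echoes the parameter with no output encoding."""
    return f"<html><body><p>Results for {q}</p></body></html>"


def render_escaped(q: str) -> str:
    """Same page with HTML output encoding applied to the parameter."""
    return f"<html><body><p>Results for {html.escape(q)}</p></body></html>"


def classify(payload: str, body: str) -> str:
    """Triage one response body for one payload.

    raw     - payload with HTML metacharacters came back verbatim (investigate)
    benign  - verbatim reflection, but nothing in the payload needed encoding
    encoded - payload came back HTML-encoded (output encoding is working)
    absent  - payload does not appear at all
    """
    encoded = html.escape(payload)
    if payload in body:  # assumed form of the reflection check
        return "raw" if encoded != payload else "benign"
    if encoded in body:
        return "encoded"
    return "absent"


def report(render, payloads=PAYLOADS) -> dict:
    """Map each payload to its classification for the given renderer."""
    return {p: classify(p, render(p)) for p in payloads}


if __name__ == "__main__":
    for name, render in (("unsafe", render_unsafe), ("escaped", render_escaped)):
        for payload, verdict in report(render).items():
            print(f"{name:8} {verdict:8} {payload}")
```

A plain substring match also fires on "plainword" against the correctly encoding page, so a reflection hit is a lead to review, and only payloads containing metacharacters say anything about missing output encoding.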

Contributors

Thanks to everyone who contributed to this project!