beelzecookie

Name: beelzecookie
Version: 1.0.3
Summary: Cookie Bomb Vulnerability Scanner I want to be a cookie.
Author: 0xbthn
Upload time: 2025-09-02 23:19:13
Requires Python: >=3.7
Keywords: security vulnerability scanner cookie bomb dos web application testing
Source: https://github.com/0xbthn/beelzecookie
# BeelzeCookie - Cookie Bomb Vulnerability Scanner

![BeelzeCookie Logo](image.png)


A comprehensive tool for detecting cookie bomb vulnerabilities in web applications. Cookie bombs occur when URL parameters are directly written to cookies, allowing attackers to create oversized cookies that can cause Denial of Service (DoS) conditions.
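To make the sink concrete, here is the pattern the scanner looks for (a query parameter stored verbatim in a cookie) beside a hardened form that bounds what gets persisted. This is an added illustration, not code from the beelzecookie project; the 8192-byte header budget and the 100-character click-ID bound are assumed values.

```python
import re
from http.cookies import SimpleCookie
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Assumed per-request header budget: once the Cookie line a browser sends back
# grows past a limit of this order, servers answer 431/413/400 and the user is
# locked out until the cookie is cleared.
HEADER_LIMIT = 8192
# Shape of a real click ID (assumed bound): short, URL-safe token.
CLICK_ID_RE = re.compile(r"[A-Za-z0-9_-]{1,100}")


def _param(url: str, name: str) -> str:
    return parse_qs(urlsplit(url).query).get(name, [""])[0]


def vulnerable_set_cookie(url: str) -> str:
    """Vulnerable sink: whatever arrives in ?gclid= becomes a 90-day cookie."""
    c = SimpleCookie()
    c["gclid"] = _param(url, "gclid")
    c["gclid"]["path"] = "/"
    c["gclid"]["max-age"] = 90 * 24 * 3600
    return c.output(header="").strip()


def hardened_set_cookie(url: str) -> Optional[str]:
    """Hardened sink: allow-list the shape and length before persisting."""
    value = _param(url, "gclid")
    if not CLICK_ID_RE.fullmatch(value):
        return None  # unexpected shape or size: do not persist it at all
    c = SimpleCookie()
    c["gclid"] = value
    c["gclid"]["path"] = "/"
    c["gclid"]["max-age"] = 90 * 24 * 3600
    return c.output(header="").strip()


def next_request_cookie_len(set_cookie: str) -> int:
    """Length of the Cookie: line a browser would send back after storing it."""
    c = SimpleCookie()
    c.load(set_cookie)
    pairs = "; ".join(f"{k}={m.coded_value}" for k, m in c.items())
    return len("Cookie: " + pairs)


def breaks_later_requests(set_cookie: Optional[str]) -> bool:
    """True when the stored cookie alone already exceeds the header budget."""
    return set_cookie is not None and next_request_cookie_len(set_cookie) > HEADER_LIMIT
```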

## Features

- **Automated Parameter Discovery**: Automatically discovers URL parameters using HTML/JS parsing
- **Smart Payload Generation**: Creates realistic tracking-like payloads for testing
- **Cookie Analysis**: Monitors Set-Cookie headers and cookie persistence
- **Risk Assessment**: Comprehensive scoring based on multiple factors
- **Proxy Support**: Integrates with Burp Suite and other proxies
- **Rate Limiting**: Built-in throttling to avoid overwhelming targets
- **Multiple Output Formats**: JSON and Markdown reports for bug bounty submissions

## Installation

### Prerequisites

- Python 3.7 or higher
- pip package manager

### Install Dependencies

```bash
cd beelzecookie
pip install -r requirements.txt
```

### Setup.py install

```bash
cd beelzecookie
cp *.py beelzecookie_pkg/beelzecookie/
cp __init__.py beelzecookie_pkg/beelzecookie/
cp setup.py requirements.txt README.md beelzecookie_pkg/
cd beelzecookie_pkg
pip3 install -e . --break-system-packages
beelzecookie --help
```

## Usage

### Basic Usage

```bash
# Test a single URL with automatic parameter discovery
python main.py --url https://example.com --auto --lengths 500,1000,2000

# Test specific parameters
python main.py --url https://example.com --params gclid,utm_source,utm_medium --lengths 1000,2000,4000

# Test multiple URLs from a file
python main.py --urls targets.txt --auto --lengths 500,1000,2000

# Dry run mode (only check Set-Cookie headers)
python main.py --url https://example.com --dry-run

# Live testing with cookie persistence verification
python main.py --url https://example.com --live --proxy http://127.0.0.1:8080
```

### Command Line Options

| Option | Description | Example |
|--------|-------------|---------|
| `--url` | Single target URL | `--url https://example.com` |
| `--urls` | File containing URLs (one per line) | `--urls targets.txt` |
| `--params` | Comma-separated list of parameters to test | `--params gclid,utm_source` |
| `--auto` | Automatically discover parameters | `--auto` |
| `--lengths` | Payload lengths to test | `--lengths 500,1000,2000,4000` |
| `--dry-run` | Only check Set-Cookie headers | `--dry-run` |
| `--live` | Test cookie persistence and errors | `--live` |
| `--proxy` | Proxy URL for requests | `--proxy http://127.0.0.1:8080` |
| `--timeout` | Request timeout in seconds | `--timeout 30` |
| `--delay` | Delay between requests | `--delay 1.0` |
| `--output` | Save results to JSON file | `--output results.json` |
| `--report` | Generate Markdown report | `--report report.md` |
| `--verbose` | Enable verbose output | `--verbose` |

### Examples

#### 1. Basic Scan
```bash
python main.py --url https://example.com --auto --lengths 1000,2000
```

#### 2. Targeted Parameter Testing
```bash
python main.py --url https://example.com --params gclid,fbclid,utm_source --lengths 500,1000,2000,4000
```

#### 3. Multiple Target Scan
```bash
# Create targets.txt file
echo "https://example1.com" > targets.txt
echo "https://example2.com" >> targets.txt

# Run scan
python main.py --urls targets.txt --auto --lengths 1000,2000 --output results.json --report report.md
```

#### 4. Burp Suite Integration
```bash
python main.py --url https://example.com --live --proxy http://127.0.0.1:8080 --verbose
```

#### 5. Dry Run for Reconnaissance
```bash
python main.py --url https://example.com --dry-run --auto --verbose
```

## Output Formats

### Console Output
The tool provides real-time feedback with color-coded risk levels:
- 🔴 **High Risk**: Cookie bomb vulnerability detected
- 🟡 **Medium Risk**: Potential vulnerability with some risk factors
- 🟢 **Low Risk**: Cookie writing detected but no immediate threat
- ⚪ **Info**: No vulnerability detected

### JSON Report
Detailed results in JSON format for further processing:
```json
{
  "scan_info": {
    "tool": "BeelzeCookie",
    "version": "1.0.0",
    "timestamp": "2025-01-01T12:00:00",
    "total_tests": 24
  },
  "targets": [...],
  "findings": [...],
  "summary": {
    "total_tests": 24,
    "vulnerabilities_found": 3,
    "risk_distribution": {
      "High": 1,
      "Medium": 2,
      "Low": 5,
      "Info": 16
    }
  }
}
```

### Markdown Report
Professional report ready for bug bounty submission:
- Executive summary
- Detailed findings with risk levels
- Technical details and proof of concept
- Recommendations for remediation

## Risk Assessment

The tool evaluates vulnerabilities based on multiple factors:

### Risk Factors
1. **Cookie Writing**: Are cookies being set?
2. **Parameter Cookies**: Are parameter values written to cookies?
3. **Cookie Persistence**: Do cookies persist across requests?
4. **Error Detection**: Are HTTP errors occurring?
5. **Cookie Size**: How much do cookies increase in size?
6. **Status Transitions**: Do successful requests lead to errors?

### Risk Levels
- **High Risk (8+ points)**: Confirmed cookie bomb vulnerability
- **Medium Risk (5-7 points)**: Potential vulnerability with exploitation path
- **Low Risk (3-4 points)**: Cookie writing detected but limited impact
- **Info (0-2 points)**: No significant vulnerability

## Methodology

1. **Parameter Discovery**: 
   - Extract parameters from URL
   - Parse HTML forms and links
   - Analyze JavaScript files
   - Check for common tracking parameters

2. **Payload Generation**:
   - Create realistic tracking-like payloads
   - Generate various payload sizes
   - Test different encoding methods
   - Create combination payloads

3. **Cookie Analysis**:
   - Monitor Set-Cookie headers
   - Track cookie persistence
   - Measure cookie size changes
   - Analyze cookie content

4. **Error Detection**:
   - Monitor HTTP status codes
   - Detect DoS indicators (400, 413, 414, 431)
   - Analyze response patterns
   - Track request failures

5. **Risk Assessment**:
   - Score based on multiple factors
   - Calculate CVSS scores
   - Generate recommendations
   - Provide remediation guidance
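The cookie analysis, error detection and scoring steps above, together with the six risk factors and point thresholds from the Risk Assessment section, worked through on constructed responses. This is an added example, not beelzecookie's own code: the DoS status codes and the level thresholds come from this README, while the per-factor weights, the `Observation` record and the sample responses are assumptions.

```python
from dataclasses import dataclass, field
from http.cookies import SimpleCookie
from typing import Dict, List

DOS_STATUSES = {400, 413, 414, 431}  # DoS indicators named in the Methodology


@dataclass
class Observation:
    """One probe: a request carrying `payload` in `param`, the response it got,
    and what a follow-up request that replayed the stored cookies observed."""
    param: str
    payload: str
    status: int
    set_cookie: List[str] = field(default_factory=list)
    status_after: int = 200      # status of the follow-up request
    persisted: bool = False      # cookie still present on the follow-up request


WEIGHTS = {  # assumed weights; the README only fixes the level thresholds
    "cookie_writing": 1, "parameter_cookie": 2, "persistence": 1,
    "http_error": 2, "cookie_size": 1, "status_transition": 2,
}


def cookie_values(set_cookie_headers: List[str]) -> Dict[str, str]:
    """Decode Set-Cookie headers into name -> value (attributes dropped)."""
    jar = SimpleCookie()
    for header in set_cookie_headers:
        jar.load(header)
    return {name: morsel.value for name, morsel in jar.items()}


def cookie_header_size(cookies: Dict[str, str]) -> int:
    """Bytes the client will send back as 'name=value' pairs."""
    return sum(len(n) + 1 + len(v) for n, v in cookies.items())


def assess(baseline_size: int, obs: Observation) -> dict:
    """Score one probe against the six factors; thresholds 8+/5-7/3-4/0-2."""
    cookies = cookie_values(obs.set_cookie)
    echoed = sorted(n for n, v in cookies.items() if obs.payload and obs.payload in v)
    growth = cookie_header_size(cookies) - baseline_size
    factors = {
        "cookie_writing": bool(cookies),
        "parameter_cookie": bool(echoed),
        "persistence": obs.persisted,
        "http_error": obs.status in DOS_STATUSES or obs.status_after in DOS_STATUSES,
        "cookie_size": growth >= len(obs.payload) > 0,
        "status_transition": obs.status < 400 and obs.status_after in DOS_STATUSES,
    }
    score = sum(WEIGHTS[f] for f, hit in factors.items() if hit)
    level = "High" if score >= 8 else "Medium" if score >= 5 else "Low" if score >= 3 else "Info"
    return {"param": obs.param, "echoed_into": echoed, "growth": growth,
            "factors": factors, "score": score, "risk": level}


# Constructed sample: a site that copies ?gclid= into a 90-day cookie, then
# rejects the next request once the jar is replayed.
SAMPLE_PAYLOAD = "x" * 4000
CONFIRMED = Observation("gclid", SAMPLE_PAYLOAD, 200,
                        [f"gclid={SAMPLE_PAYLOAD}; Max-Age=7776000; Path=/",
                         "sid=abc123; HttpOnly"],
                        status_after=431, persisted=True)
BENIGN = Observation("utm_source", "newsletter", 200, ["sid=abc123; HttpOnly"])
```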

## Common Vulnerable Parameters

The tool automatically tests these commonly vulnerable parameters:

### Tracking Parameters
- `gclid` (Google Click ID)
- `fbclid` (Facebook Click ID)
- `dclid` (DoubleClick ID)
- `msclkid` (Microsoft Click ID)

### UTM Parameters
- `utm_source`
- `utm_medium`
- `utm_campaign`
- `utm_term`
- `utm_content`

### Other Common Parameters
- `ref`, `source`, `campaign`
- `affiliate`, `partner`
- `tracking`, `track`
- `session`, `user`, `visitor`

## Security Considerations

### Responsible Disclosure
- Always obtain proper authorization before testing
- Follow responsible disclosure practices
- Respect rate limits and server resources
- Do not perform DoS attacks on production systems

### Legal Compliance
- Ensure you have permission to test the target
- Comply with applicable laws and regulations
- Follow bug bounty program guidelines
- Respect terms of service

## Troubleshooting

### Common Issues

1. **Connection Errors**
   - Check network connectivity
   - Verify target URL is accessible
   - Adjust timeout settings

2. **Proxy Issues**
   - Ensure proxy is running and accessible
   - Check proxy configuration
   - Verify certificate handling

3. **Rate Limiting**
   - Increase delay between requests
   - Use proxy to distribute requests
   - Respect server rate limits

4. **False Positives**
   - Review cookie analysis results
   - Check for legitimate cookie usage
   - Verify error conditions

### Debug Mode
Enable verbose output for detailed debugging:
```bash
python main.py --url https://example.com --verbose --auto
```

## Contributing

Contributions are welcome! Please feel free to submit pull requests or open issues for bugs and feature requests.

### Development Setup
```bash
git clone <repository>
cd beelzecookie
pip install -r requirements.txt
python main.py --help
```

## License

This project is licensed under the MIT License - see the LICENSE file for details.

## Disclaimer

This tool is for educational and authorized security testing purposes only. Users are responsible for ensuring they have proper authorization before testing any systems. The authors are not responsible for any misuse of this tool.

## Support

For support, questions, or bug reports:
- Open an issue on GitHub
- Check the documentation
- Review the troubleshooting section

---

**BeelzeCookie** - Making cookie bomb detection easier and more comprehensive. 

            
