fuzzmap


Name: fuzzmap
Version: 0.1.9.3
home_page: https://github.com/offensive-tooling/fuzzmap
Summary: FUZZmap is a web application vulnerability fuzzing tool designed to detect security flaws.
upload_time: 2025-03-23 15:43:36
maintainer: Offensive Tooling
docs_url: None
author: Offensive Tooling (arrester, jhanks, mathe, arecia, hansowon)
requires_python: >=3.7
license: None
keywords: security, web, fuzzing, vulnerability, scanner
requirements: aiohappyeyeballs, aiohttp, aioresponses, aiosignal, asyncio, attrs, beautifulsoup4, certifi, charset-normalizer, colorama, dnspython, docutils, frozenlist, greenlet, httpretty, idna, iniconfig, jaraco.classes, jaraco.context, jaraco.functools, keyring, lxml, markdown-it-py, mdurl, more-itertools, multidict, nh3, packaging, pkginfo, playwright, pluggy, propcache, pyee, Pygments, pytest, pytest-asyncio, python-Wappalyzer, PyYAML, readme_renderer, requests, requests-toolbelt, rfc3986, rich, setuptools, soupsieve, tqdm, twine, typing_extensions, urllib3, wheel, yarl
Travis-CI: No Travis.
coveralls test coverage: No coveralls.
# FUZZmap

<div align="center">
  
[![Python 3.13.0](https://img.shields.io/badge/python-3.13.0-yellow.svg)](https://www.python.org/)
[![License](https://img.shields.io/badge/license-MIT-red.svg)](LICENSE)

**Web Application Vulnerability Fuzzing Tool**

*Current version: 0.1 (SQL Injection)*

</div>

<p align="center">
  <img src="https://img.shields.io/badge/%F0%9F%94%8D-Fuzzing-blueviolet" alt="Fuzzing">
  <img src="https://img.shields.io/badge/%F0%9F%93%8A-Parameter%20Collection-green" alt="Parameter Reconnaissance">
  <img src="https://img.shields.io/badge/%F0%9F%9B%A1%EF%B8%8F-Vulnerability%20Detection-orange" alt="Vulnerability Detection">
</p>

FUZZmap is a web application vulnerability fuzzing tool designed to detect security flaws. It identifies web application vulnerabilities through automated parameter reconnaissance and advanced payload testing.
![alt text](image.png)


## 💻 FUZZmap Developers
- [arrester](https://github.com/arrester)
- [jhanks](https://github.com/jeongahn)
- [mathe](https://github.com/ma4the)
- [arecia](https://github.com/areciah)
- [hansowon](https://github.com/hansowon)

## ✨ Features

- **Parameter Reconnaissance**
- **Common Payload Testing**
- **Advanced Payload Testing**
  - **SQL Injection Detection** - Advanced analysis including error-based, time-based, and boolean-based techniques (v0.1)
  - **XSS Detection** - *(Advanced analysis coming in v0.2)*
  - **SSTI Detection** - *(Advanced analysis coming in v0.3)*
- **Asynchronous Architecture** - Utilizes `asyncio` and semaphores for optimized concurrent testing
- **Expandable Framework** - Designed for easy addition of new vulnerability types in future versions

## 📋 Installation

### Using pip
```bash
# Installation
pip install fuzzmap
```

### From GitHub
```bash
# Git clone
git clone https://github.com/offensive-tooling/FUZZmap.git
cd FUZZmap

# Installation
pip install -e .
```

## 🚀 Usage

### Command Line Usage

```bash
# Test specific parameter
fuzzmap -t <target_url> -m get -p <target_parameter>

# Test multiple parameters
fuzzmap -t <target_url> -m get -p <target_parameter 1>,<target_parameter 2>

# Use POST method
fuzzmap -t <target_url> -m post -p <target_parameter>

# Test with Parameter Reconnaissance 
fuzzmap -t <target_url> -rp
```

### Python Module Usage

```python
import asyncio
from fuzzmap import Controller

async def main():

    # Test with specific parameters
    fm = Controller(target="http://target.com", method="GET", param=["target_parameter"])
    results = await fm.async_run()
    print(results)
    
    # Test with Parameter Reconnaissance
    fm = Controller(target="http://target.com", recon_param=True)
    results = await fm.async_run()
    print(results)

asyncio.run(main())
```

## 🛠️ How It Works

FUZZmap operates in four main phases:

1. **Parameter Reconnaissance**: Automatically identifies parameters through:
   - URL query extraction
   - Form field analysis (inputs, selects, textareas)
   - Form action paths and methods
   - *(JavaScript hidden parameters - to be released later)*
   - *(Dynamic parameter collection module - to be released later)*

2. **Common Payload Testing**: Tests various vulnerabilities with common payloads:
   - SQL Injection
   - XSS (Cross Site Scripting)
   - SSTI (Server Side Template Injection)
   - *(More types to be continuously added)*

3. **Advanced Payload Testing** (Currently for SQL Injection only):
   - SQL Injection (error-based, time-based, boolean-based)
   - *(XSS payloads and features coming in v0.2)*
   - *(SSTI payloads and features coming in v0.3)*

4. **Result Classification**: Categorizes findings by:
   - Vulnerability type and subtype
   - Detection confidence scoring (0-100%)
   - Detection details and evidence
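
The first phase can be pictured with a small stand-alone sketch. This is an added example, not FUZZmap's own code: it inventories the input surface of a page you are responsible for by combining URL query extraction with form field, action and method analysis. `split_query`, `FormCollector`, `collect_parameters` and the sample page are hypothetical names and constructed data.

```python
# Added illustration, not FUZZmap source. All names below are hypothetical.
from html.parser import HTMLParser
from urllib.parse import parse_qsl, urljoin, urlsplit, urlunsplit

FIELD_TAGS = {"input", "select", "textarea"}
NON_DATA_INPUTS = {"submit", "button", "reset", "image"}  # skipped in this sketch

def split_query(url):
    """Return (URL without query/fragment, [query parameter names])."""
    parts = urlsplit(url)
    names = [k for k, _ in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit((parts.scheme, parts.netloc, parts.path, "", "")), names

class FormCollector(HTMLParser):
    """Records (action URL, method, field names) for each <form> on a page."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.forms = []      # completed forms
        self._open = None    # form currently being parsed

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            # A missing or empty action submits back to the page itself.
            target = urljoin(self.page_url, a.get("action") or "")
            method = (a.get("method") or "get").upper()
            if method not in ("GET", "POST"):
                method = "GET"   # anything else is treated as GET here
            url, query_names = split_query(target)
            # GET: the browser replaces the action's query with the fields.
            # POST: the action's query string is sent along with the body.
            self._open = (url, method, query_names if method == "POST" else [])
        elif tag in FIELD_TAGS and self._open is not None:
            name, kind = a.get("name"), (a.get("type") or "").lower()
            if name and not (tag == "input" and kind in NON_DATA_INPUTS):
                self._open[2].append(name)

    def handle_endtag(self, tag):
        if tag == "form" and self._open is not None:
            self.forms.append(self._open)
            self._open = None

def collect_parameters(page_url, html):
    """Map (endpoint URL, method) -> ordered, de-duplicated parameter names."""
    surface = {}
    def record(url, method, names):
        known = surface.setdefault((url, method), [])
        for n in names:
            if n not in known:
                known.append(n)
    url, names = split_query(page_url)
    if names:
        record(url, "GET", names)
    parser = FormCollector(page_url)
    parser.feed(html)
    parser.close()
    if parser._open is not None:      # form never closed in the markup
        parser.forms.append(parser._open)
    for form in parser.forms:
        record(*form)
    return surface

# Constructed sample page (not taken from any real site).
SAMPLE_URL = "http://app.example.test/listing.php?cat=1&page=2"
SAMPLE_HTML = """
<form action="search.php?test=query" method="post">
  <input type="text" name="searchFor">
  <input type="submit" name="goButton" value="go">
</form>
<form action="/filter">
  <select name="sort"><option>asc</option></select>
  <textarea name="note"></textarea>
  <input type="hidden" name="sort" value="asc">
  <input type="text">
</form>
"""

if __name__ == "__main__":
    for (url, method), names in collect_parameters(SAMPLE_URL, SAMPLE_HTML).items():
        print(method, url, names)
```

Fields without a `name` attribute are never submitted, so they are left out of the inventory; hidden fields are kept because they are part of what the server receives.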

## 📊 Example Output

```
handler: common, advanced
🎯 url: http://target.com/
parameters: ['test', 'searchFor']
method: GET
Type: xss
💰 Detected: True
Common_payload: '"><iframe onload=alert('{{1234**3}}');>
Common_Confidence: 50
🔍 Detail_Vuln: Error-Based SQL Injection
Advanced_payload: ' UNION SELECT NULL-- -
Advanced_Confidence: 100
Context: ECT NULL-- -</h2>Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '

------------------------------------------------------------------
handler: common, advanced
🎯 url: http://target.com/
parameters: ['test', 'searchFor']
method: GET
Type: sql_injection
💰 Detected: True
Common_payload: ' || BEGIN DBMS_SESSION.SLEEP(5); END; -- 
Common_Confidence: 70
🔍 Detail_Vuln: Error-Based SQL Injection
Advanced_payload: ' UNION SELECT NULL-- -
Advanced_Confidence: 100
Context: ECT NULL-- -</h2>Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '
```

## ⚙️ Command Line Options

```
-t, --target    🎯 Target URL to scan
-m, --method    📡 HTTP method (GET/POST)
-p, --param     🔍 Parameters to test (comma separated)
-rp, --recon    🔎 Enable parameter reconnaissance
-v, --verbose   📝 Enable verbose output
-h, --help      ℹ️  Show help message
```

## 📝 Translations

- [English (Original)](README.md)
- [Korean](fuzzmap/doc/translations/README-KR.md)

## 🔔 Disclaimer

FUZZmap is designed for legitimate security testing with proper authorization. Always ensure you have permission before testing any website or application.

---

<div align="center">
  <b>FUZZmap - Slogan (Coming Soon)</b>
</div>

            
