-
Notifications
You must be signed in to change notification settings - Fork 1
Home
Devansh Raghav - @vip3r edited this page Jun 27, 2021
·
4 revisions
option: 1
Crawl a URL using FALL
[>] SET: 1
[>] URL: https://www.example.com
option: 2
Test for LFI bugs using FALL by setting the following options:
[>] SET: 2
[>] URL: https://www.example.com/?q=FUZZ
[>] Payloads: /path/to/payloads/lfi_payloads.txt
[>] Placeholder: FUZZ
option: 3
Encode what you want in different algorithms by setting the following options:
[>] SET: 3
[>] Enter encoding: HTML
[>] Enter what you want to encode: <script>alert(1)</script>
option: 4
Find the subdomains of a domain by setting the following options:
[>] SET: 4
[>] Domain: example.com
[>] Wordlist: /path/to/wordlist/wordlist.txt
option: 5
Generating reverse shells by setting the following options:
[>] SET: 5
[>] Shell: BASH
[>] LHOST: 192.168.x.x
[>] LPORT: 8080
option: 6
Brute force the directory of a web and find hidden files by setting the following option:
[>] SET: 6
[>] URL: https://example.com
[>] Wordlist: /path/to/wordlist/wordlist.txt
option: 7
Testing for open redirect bugs by setting the following options:
[>] SET: 7
[>] URL: http://testphp.vulnweb.com:80/redir.php?r=FUZZ
[>] Payloads: /path/to/payloads/payload.txt
[>] Placeholder: FUZZ
option: 8
[>] SET: 8
[>] Target: 192.168.x.x
[>] Scan up to port (ex would be 1000): 65535