duxv/brutal

Brutal

A lightweight, very fast & simple to use web fuzzer.

Installation

Install Go

Debian / Ubuntu

sudo apt update && sudo apt upgrade && sudo apt install golang-go

Arch

sudo pacman -Syu go

Windows
Click here

Install Brutal

go install github.com/duxv/brutal@latest

Usage

Brutal is pretty easy to use.

Command               Description
--debug               print more details about the runtime
--help                list all commands with a short description of each
--method              change the HTTP method of the requests
--quick-list          use a comma-separated command-line string as the wordlist
--threads             the number of requests to run at the same time
--timeout             the time in milliseconds to wait for a request
--match-status        the status codes counted as positive, separated by commas
--match-length        the response body must have this number of characters
--match-regex         the response body must match this regex
--wordlist            the file to read the words from
--wordlist-separator  the separator between words in the wordlist

FUZZ keyword

The 'FUZZ' keyword marks the place where each word from the wordlist is inserted.

For instance, if you run brutal http://localhost:9000/FUZZ, and the words in the wordlist are 'etc' and 'passwd', the following URLs will be requested:

  • http://localhost:9000/etc
  • http://localhost:9000/passwd

If you use the keyword multiple times, every occurrence is replaced.
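
The FUZZ substitution described above, combined with the --match-status, --match-length and --match-regex filters from the flag table, as an added Go example that is not Brutal's own code. The names Matcher, NewMatcher and Expand are hypothetical, and the example assumes that all enabled filters must pass together and that length means byte length.

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
	"strings"
)

// Matcher mirrors the three --match-* flags (hypothetical type, not Brutal's).
type Matcher struct {
	Statuses map[int]bool   // parsed from the comma-separated --match-status value
	Length   int            // -1 (the flag default) disables the check; bytes assumed
	Regex    *regexp.Regexp // nil disables the regex check
}

// NewMatcher parses a status list such as "200,204" and compiles the pattern.
func NewMatcher(statuses string, length int, pattern string) (m *Matcher, err error) {
	m = &Matcher{Statuses: map[int]bool{}, Length: length}
	for _, s := range strings.Split(statuses, ",") {
		code, err := strconv.Atoi(strings.TrimSpace(s))
		if err != nil {
			return nil, fmt.Errorf("bad status %q: %w", s, err)
		}
		m.Statuses[code] = true
	}
	if pattern != "" {
		m.Regex, err = regexp.Compile(pattern)
	}
	return m, err
}

// Expand splits the wordlist on sep and replaces every FUZZ in target per word.
func Expand(target, wordlist, sep string) []string {
	var urls []string
	for _, w := range strings.Split(wordlist, sep) {
		urls = append(urls, strings.ReplaceAll(target, "FUZZ", w))
	}
	return urls
}

// Match reports a hit only when every enabled check passes (assumed AND logic).
func (m *Matcher) Match(status int, body string) bool {
	return m.Statuses[status] && (m.Length == -1 || len(body) == m.Length) &&
		(m.Regex == nil || m.Regex.MatchString(body))
}

func main() {
	fmt.Println(Expand("http://localhost:9000/FUZZ", "etc,passwd", ","))
}
```
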

What amount of threads to use?

Sometimes one thread can be faster than four, because of the synchronization cost.
If you have 0ms latency, one thread would be just fine; either way, you can use more.
It depends on the time it takes to process a request.

Which are the valid methods?

  • GET
  • HEAD
  • POST
  • PUT
  • DELETE
  • CONNECT
  • OPTIONS
  • TRACE
  • PATCH

Having a suggestion?

If you have any suggestions or ideas, or have found a bug, you can join this Discord server.

Output of the --help flag

Usage:
  brutal [flags]

Examples:
brutal http://127.0.0.1/FUZZ

Flags:
  -d, --debug                       print more information about the runtime
  -h, --help                        help for brutal
  -l, --match-length int            length of the response body must be equal to (default -1)
  -r, --match-regex string          response body must match this regex
  -x, --match-status string         http status codes identified as valid (separated by a comma) (default "200,201,202,203,204,205,206,207,208,226")
  -m, --method string               method of the requests to be done (default "GET")
  -q, --quick-list string           use a wordlist from the command line arguments (separated by a comma)
  -p, --threads int                 number of attempts to run at the same time (default 1)
  -t, --timeout int                 time in milliseconds to wait for a request (default 5000)
  -w, --wordlist string             words to use
  -s, --wordlist-separator string   separator of words in the wordlist (default "\n")

Warning

The tool is still in a very early development stage and critical bugs can occur.
