Skip to content

intruder-io/junker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 
mutations.go
mutations.go
 
 
worker.go
worker.go
 
 

Repository files navigation

A CL.CL request smuggling scanner which uses invalid values in the "Content-Length" header for detection.

Usage

$ junker -h
Usage of junker:
  -b, --batch-size int     The number of input lines to process at once, shuffling the tests for each (default 200)
  -H, --headers strings    Extra headers to include in requests - to add multiple headers specify multiple times
  -m, --methods strings    HTTP method to test - to test multiple methods specify multiple times (default [POST])
  -n, --no-resolve         Don't resolve domains, instead expect the input to be in the format <ip>,<url>
  -o, --output string      The file to output results to, in JSON format - use '-' for stdout (default "junker.json")
  -r, --runs int           The number of times to check before flagging a result as vulnerable (default 3)
  -t, --timeout duration   The timeout value to use for HTTP requests (default 5s)
  -c, --workers int        The number of concurrent wokers (default 10)

About

CL.CL request smuggling scanner

Resources

Readme
Activity
Custom properties

Stars

2 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages