├── .gitignore ├── .travis.yml ├── API_Fuzzer.gemspec ├── CODE_OF_CONDUCT.md ├── Gemfile ├── LICENSE.txt ├── README.md ├── Rakefile ├── app └── controllers │ └── ping_controller.rb ├── bin ├── console └── setup ├── config └── routes.rb ├── lib ├── API_Fuzzer.rb └── API_Fuzzer │ ├── csrf_check.rb │ ├── engine.rb │ ├── error.rb │ ├── header_info.rb │ ├── idor_check.rb │ ├── privilege_escalation_check.rb │ ├── rate_limit_check.rb │ ├── redirect_check.rb │ ├── request.rb │ ├── resource_info.rb │ ├── sql_blind_check.rb │ ├── sql_check.rb │ ├── version.rb │ ├── vulnerability.rb │ ├── xss_check.rb │ └── xxe_check.rb ├── payloads ├── blind_sql.txt ├── detect │ └── sql.txt ├── sql.txt └── xss.txt ├── rules ├── headers.yml └── info.yml └── test ├── API_Fuzzer_test.rb ├── header_info_test.rb ├── resource_info_test.rb ├── test_helper.rb └── xss_check_test.rb /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/.gitignore -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/.travis.yml -------------------------------------------------------------------------------- /API_Fuzzer.gemspec: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/API_Fuzzer.gemspec -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/CODE_OF_CONDUCT.md -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/Gemfile -------------------------------------------------------------------------------- /LICENSE.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/LICENSE.txt -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/README.md -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/Rakefile -------------------------------------------------------------------------------- /app/controllers/ping_controller.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/app/controllers/ping_controller.rb -------------------------------------------------------------------------------- /bin/console: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/bin/console -------------------------------------------------------------------------------- /bin/setup: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/bin/setup -------------------------------------------------------------------------------- /config/routes.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/config/routes.rb -------------------------------------------------------------------------------- /lib/API_Fuzzer.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/lib/API_Fuzzer.rb -------------------------------------------------------------------------------- /lib/API_Fuzzer/csrf_check.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/lib/API_Fuzzer/csrf_check.rb -------------------------------------------------------------------------------- /lib/API_Fuzzer/engine.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/lib/API_Fuzzer/engine.rb -------------------------------------------------------------------------------- /lib/API_Fuzzer/error.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/lib/API_Fuzzer/error.rb -------------------------------------------------------------------------------- /lib/API_Fuzzer/header_info.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/lib/API_Fuzzer/header_info.rb -------------------------------------------------------------------------------- /lib/API_Fuzzer/idor_check.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/lib/API_Fuzzer/idor_check.rb -------------------------------------------------------------------------------- /lib/API_Fuzzer/privilege_escalation_check.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/lib/API_Fuzzer/privilege_escalation_check.rb -------------------------------------------------------------------------------- /lib/API_Fuzzer/rate_limit_check.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/lib/API_Fuzzer/rate_limit_check.rb -------------------------------------------------------------------------------- /lib/API_Fuzzer/redirect_check.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/lib/API_Fuzzer/redirect_check.rb -------------------------------------------------------------------------------- /lib/API_Fuzzer/request.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/lib/API_Fuzzer/request.rb -------------------------------------------------------------------------------- /lib/API_Fuzzer/resource_info.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/lib/API_Fuzzer/resource_info.rb -------------------------------------------------------------------------------- /lib/API_Fuzzer/sql_blind_check.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/lib/API_Fuzzer/sql_blind_check.rb -------------------------------------------------------------------------------- /lib/API_Fuzzer/sql_check.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/lib/API_Fuzzer/sql_check.rb -------------------------------------------------------------------------------- /lib/API_Fuzzer/version.rb: -------------------------------------------------------------------------------- 1 | module APIFuzzer 2 | VERSION = "0.1.1".freeze 3 | end 4 | -------------------------------------------------------------------------------- /lib/API_Fuzzer/vulnerability.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/lib/API_Fuzzer/vulnerability.rb -------------------------------------------------------------------------------- /lib/API_Fuzzer/xss_check.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/lib/API_Fuzzer/xss_check.rb -------------------------------------------------------------------------------- /lib/API_Fuzzer/xxe_check.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/lib/API_Fuzzer/xxe_check.rb -------------------------------------------------------------------------------- /payloads/blind_sql.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/payloads/blind_sql.txt -------------------------------------------------------------------------------- /payloads/detect/sql.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/payloads/detect/sql.txt -------------------------------------------------------------------------------- /payloads/sql.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/payloads/sql.txt -------------------------------------------------------------------------------- /payloads/xss.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/payloads/xss.txt -------------------------------------------------------------------------------- /rules/headers.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/rules/headers.yml -------------------------------------------------------------------------------- /rules/info.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/rules/info.yml -------------------------------------------------------------------------------- /test/API_Fuzzer_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/test/API_Fuzzer_test.rb -------------------------------------------------------------------------------- /test/header_info_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/test/header_info_test.rb -------------------------------------------------------------------------------- /test/resource_info_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/test/resource_info_test.rb -------------------------------------------------------------------------------- /test/test_helper.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/test/test_helper.rb -------------------------------------------------------------------------------- /test/xss_check_test.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Fuzzapi/API-fuzzer/HEAD/test/xss_check_test.rb --------------------------------------------------------------------------------