Description
CRLFsuite is a fast tool designed specifically for CRLF injection scanning. CRLF vulnerabilities can lead to HTTP response splitting, session fixation, cache poisoning, and XSS. It tests multiple injection points with various encoding techniques.
Installation
BASH
pip3 install crlfsuite
# Or from source
git clone https://github.com/Nefcore/CRLFsuite.git
cd CRLFsuite && pip3 install .Basic Usage
BASH
# Scan single URL
crlfsuite -u "https://target.com"
# Scan from file
crlfsuite -l urls.txt
# Silent mode
crlfsuite -u "https://target.com" -sAdvanced Usage
BASH
# Custom threads
crlfsuite -l urls.txt -t 30
# Output to file
crlfsuite -l urls.txt -o results.txt
# Custom headers
crlfsuite -u "https://target.com" -H "Cookie: session=abc"
# Only test specific methods
crlfsuite -u "https://target.com" -m GETCommon Workflows
BASH
# Full CRLF scan pipeline
subfinder -d target.com -silent | httpx -silent | crlfsuite -l /dev/stdin -s
# Test parameterized URLs
gau target.com | grep "=" | sort -u | crlfsuite -l /dev/stdin -t 30
# Combine with waybackurls
waybackurls target.com | sort -u | crlfsuite -l /dev/stdin -s -o crlf_vulns.txt