lostfuzzer

Overview

LostFuzzer is a Bash script designed to automate the process of Dynamic Application Security Testing (DAST) using passive URLs. It leverages the gau tool to extract, filter, and test URLs effectively.

Key Features

• Automated URL Recon: Extracts valid URLs with real query parameters.
• DAST Scanning: Performs security testing using the Nuclei tool.
• Live URL Checking: Verifies which URLs are live before scanning.
• Efficient Filtering: Removes imbalanced or fuzzed queries to ensure accurate testing.

Benefits

• Faster Bug Hunting: Streamlines the process of finding vulnerabilities.
• Cleaner Results: Provides accurate and relevant results for security testing.
• Educational Use: Intended for legal security testing and educational purposes only.

Usage

To use LostFuzzer, clone the repository, make the script executable, and run it to follow the prompts for scanning.