Overview
LostFuzzer is a Bash script that automates Dynamic Application Security Testing (DAST) against passively collected URLs. It leverages the gau tool to extract, filter, and test URLs effectively.
Key Features
- Automated URL Recon: Extracts valid URLs with real query parameters.
- DAST Scanning: Performs security testing using the Nuclei tool.
- Live URL Checking: Verifies which URLs are live before scanning.
- Efficient Filtering: Removes imbalanced or fuzzed queries to ensure accurate testing.
Benefits
- Faster Bug Hunting: Streamlines the process of finding vulnerabilities.
- Cleaner Results: Provides accurate and relevant results for security testing.
- Educational Use: Intended for legal security testing and educational purposes only.
Usage
To use LostFuzzer, clone the repository, make the script executable, then run it and follow the prompts for scanning.