CalvinBackup/CyberStrikeAI
1
0
Fork 0
mirror of https://github.com/Ed1s0nZ/CyberStrikeAI.git synced 2026-03-31 16:20:28 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
8ef0df109cda08d40334a5efb8697c8e56a24cab
CyberStrikeAI/tools/api-fuzzer.yaml
公明 2c01653c4d Add files via upload
2025-11-09 14:59:56 +08:00

62 lines
1.5 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
name: "api-fuzzer"
command: "ffuf"
enabled: true
short_description: "API端点模糊测试工具支持智能参数发现"
description: |
高级API端点模糊测试工具支持智能参数发现和漏洞评估。
**主要功能:**
- API端点发现
- 参数模糊测试
- 漏洞评估
- 多种HTTP方法支持
**使用场景:**
- API安全测试
- 端点发现
- 参数测试
- 安全评估
parameters:
- name: "base_url"
type: "string"
description: "API基础URL"
required: true
flag: "-u"
format: "flag"
- name: "endpoints"
type: "string"
description: "要测试的特定端点(逗号分隔)"
required: false
- name: "methods"
type: "string"
description: "HTTP方法逗号分隔"
required: false
default: "GET,POST,PUT,DELETE"
- name: "wordlist"
type: "string"
description: "端点发现字典"
required: false
default: "/usr/share/wordlists/api/api-endpoints.txt"
flag: "-w"
format: "flag"
- name: "additional_args"
type: "string"
description: |
额外的api-fuzzer参数。用于传递未在参数列表中定义的api-fuzzer选项。
**示例值:**
- 根据工具特性添加常用参数示例
**注意事项:**
- 多个参数用空格分隔
- 确保参数格式正确,避免命令注入
- 此参数会直接追加到命令末尾
required: false
format: "positional"
Reference in New Issue View Git Blame Copy Permalink