Learn about fuzzing HTTP requests with Nuclei
fuzzing
section of the HTTP request. This allows creating templates for generic Web Application vulnerabilities like SQLi, SSRF, CMDi, etc without any information of the target like a classic web fuzzer.
default
) - fuzz query parameters for URLpath
,header
,body
,cookie
, etc parts soon.
default
) - replace the value with payloaddefault
) - replace all values at onceNote: default values are set/used when other options are not defined.
type
for a parameter. It supports payloads, DSL functions, etc and allows users to fully utilize the existing nuclei feature-set for fuzzing purposes.