crithit
Website Directory and file brute forcing at extreme scale. CritHit takes a single wordlist item and tests it one by one over a large collection of hosts before moving onto the next wordlist item. The intention of brute foricng in this manner is to avoid low limit Web Application Firewall (WAF) bans and to allow brute forcing to run faster than it normally would when approaching any single host with multiple simultaneous requests.
Name:crithit
Category:Fuzzing
Publisher:trickest
Created:6/23/2021
Container:
quay.io/trickest/crithit:35f3621Output Type:
License:Unknown
Source:View Source
Parameters
--proxyA file containing list of proxy names and port [IP:port].--targetThe target URL.--verifyVerify successful results with different proxies.--threadsNumber of threads to use (default: 4).--verboseBe verbose with output.--read-forWait N seconds to receive data from server (default: 10).--wait-forWait N seconds to connect/send data to server (default: 5).--word-list(required) A filename containing list of words to use.--exceptionsFile containing words.--signaturesFile containing list of signatures to look out for in top-level domains.--max-socketsNumber of sockets to use.--statuscodesPositive status codes (will be overwritten with statuscodesblacklist if set) (default: 200,204,301,302,307,401,403,408).--target-listA file containing the list of targets.--randomize-agentUse random user agents for requests.--statuscodesblacklistNegative status codes (will override statuscodes if set).