ScannerSecurity

Monsoon – Fast HTTP Enumerator

0

A fast HTTP enumerator that allows you to execute a large number of HTTP requests, filter the responses and display them in real-time.

Example

Run an HTTP GET request for each entry in filenames.txt, hide all responses with the status code 403 or 404:

basic demo

Installation

Building from source

These instructions will get you a compiled version of the code in the master branch.

You’ll need a recent version of the Go compiler, at least version 1.11. For Debian, install the package golang-go.

Clone the repository, then from within the checkout run the following command:

$ go build

Afterwards you’ll find a monsoon binary in the current directory. It can be for other operating systems as follows:

$ GOOS=windows GOARCH=amd64 go build -o monsoon.exe

Unofficial Packages

For Arch Linux based distributions monsoon is available as an unofficial package on the AUR. Using your AUR helper of choice such as yay:

yay -S monsoon

Getting Help

The program has several subcommands, the most important one is fuzz which contains the main functionality. You can display a list of commands as follows:

$ ./monsoon -h
Usage:
  monsoon command [options]

Available Commands:
  fuzz        Execute and filter HTTP requests
  help        Help about any command
  show        Construct and display an HTTP request
  test        Send an HTTP request to a server and show the result
  version     Display version information

Options:
  -h, --help   help for monsoon

Use "monsoon [command] --help" for more information about a command.

For each command, calling it with --help (e.g. monsoon fuzz --help) will display a description of all the options, and calling monsoon help fuzz also shows an extensive list of examples.

Wordlists

The SecLists Project collects wordlists that can be used with monsoon.

Github

XSSMAP – Detect XSS vulnerability in Web Applications

Previous article

BeRoot – A Post Exploitation Privilege Escalation Tool

Next article

You may also like

Comments

Leave a reply

E-posta hesabınız yayımlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir

More in Scanner