Crlfi
This is a tool used by several security researchers to find Carriage Return Line Feed Injection Bug
Install / Use
/learn @Cappricio-Securities/CrlfiREADME
Badges
License
Installation
-
Install Python3 and pip Instructions Here (If you can't figure this out, you shouldn't really be using this)
- Install via pip
-
pip install crlfi
-
- Run bellow command to check
crlfi -h
- Install via pip
Configurations
-
We integrated with the Telegram API to receive instant notifications for vulnerability detection.
- Telegram Notification
-
crlfi --chatid <YourTelegramChatID>
-
- Open your telegram and search for
@CappricioSecuritiesTools_botand click start
- Telegram Notification
Usages
-
This tool has multiple use cases.
- To Check Single URL
-
crlfi -u http://example.com
-
- To Check List of URL
-
crlfi -i urls.txt
-
- Save output into TXT file
-
crlfi -i urls.txt -o out.txt
-
- Want to Learn about
crlfi? Then Type Below command-
crlfi -b
-
- To Check Single URL
Working PoC Video
Help menu
Get all items
👋 Hey Hacker
v1.0
__________ __ __________
/ ____/ __ \/ / / ____/ _/
/ / / /_/ / / / /_ / /
/ /___/ _, _/ /___/ __/ _/ /
\____/_/ |_/_____/_/ /___/
Developed By https://cappriciosec.com
crlfi : Bug scanner for WebPentesters and Bugbounty Hunters
$ crlfi [option]
Usage: crlfi [options]
| Argument | Type | Description | Examples |
| :-------- | :------- | :------------------------- | :------------------------- |
| -u | --url | URL to scan | crlfi -u https://target.com |
| -i | --input | filename Read input from txt | crlfi -i target.txt |
| -o | --output | filename Write output in txt file | crlfi -i target.txt -o output.txt |
| -c | --chatid | Creating Telegram Notification | crlfi --chatid yourid |
| -b | --blog | To Read about crlfi Bug | crlfi -b |
| -h | --help | Help Menu | crlfi -h |
🔗 Links
Author
Feedback
If you have any feedback, please reach out to us at contact@karthithehacker.com
