Bountyhq

Fuzzer Usage

Data from BountyHQ can be sent to other SecApps tools, such as Fuzzer, for additional testing and discovery. Common use-cases include:

  • Quick discovery of API endpoints and other sensitive URLs
  • Testing for common security problems at scale
  • Use of custom, testing workflows for automation

Open any BountyHQ report and select the Data tab. Select URIs from the Kind filter. You will see a screenshot similar to the one below.

Screenshot 2020-08-21 at 14.04.29

Click Open All in Fuzzer to load all URIs into the Fuzzer application. The is now preloaded with all URLs extracted from the previous step.

Select the URL bar. Delete the placeholder text and start typing variable until it auto-completes. Select the uri variable from the dropdown.

Screenshot 2020-08-21 at 15.06.25

Type /.git/config after the variable. In this example, we are looking for exposed git repositories. Select Analyze Transactions in the options section. Click the play button to start the fuzzer.

See SecApps Fuzzer documentation for additional options and use-cases.