View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0008014Kali Linux[All Projects] Queued Tool Additionpublic2022-10-21 13:452022-11-01 14:35
ReporterRedTeamPT Assigned To 
PrioritynormalSeverityminorReproducibilityN/A
Status acknowledgedResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary0008014: monsoon - a fast cross-plattform http enumerator written in Go
Descriptionname: monsoon
version: 0.7.0
homepage: https://github.com/RedTeamPentesting/monsoon
download: https://github.com/RedTeamPentesting/monsoon/releases/tag/v0.7.0
further information: https://blog.redteam-pentesting.de/2020/introducing-monsoon/
author: RedTeam Pentesting GmbH
licence: MIT
description: A flexible HTTP enumerator to identify and probe for files, webpages, directory traversals or used for exploitation of insecure direct object references as well as probing for different webserver behaviours.
dependencies: to compile the code, at least go 1.17. Otherweise it is a static stand-alone binary.
similar tools: gobuster, ffuf, wfuzz
activity: publicly active since 2020, development internally since 2017
how to install: `go build` for compilation, otherwise just execute the binary from the releases
how to use:

searching for present directories on a webserver
---
monsoon fuzz --file raft-small-directories-lowercase.txt https://example.com/FUZZ --hide-status 404

searching for information via an insecure direct object reference
---
monsoon fuzz --range 1-100 --extract '(?is)<title>(.*)</title>' https://example.com/user/FUZZ

Only show redirect responses with status codes between 300 and 399
---
monsoon fuzz --file filenames.txt --show-status 300-399 https://example.com/FUZZ

Further example use-cases can be seen on the Github page, the blogpost or even via monsoon itself, calling 'monsoon help fuzz'.

packaged: no

Activities

g0tmi1k

2022-11-01 14:35

administrator   ~0017033

@kali-team, please could this be packaged up.
@author, If you want to help the packaging process, you can check the documentation here ~ https://www.kali.org/docs/development/public-packaging

Issue History

Date Modified Username Field Change
2022-10-21 13:45 RedTeamPT New Issue
2022-11-01 14:35 g0tmi1k Note Added: 0017033
2022-11-01 14:35 g0tmi1k Status new => acknowledged
2022-11-01 14:35 g0tmi1k Category New Tool Requests => Queued Tool Addition