View Issue Details

IDProjectCategoryView StatusLast Update
0008014Kali LinuxQueued Tool Additionpublic2022-11-01 14:35
ReporterRedTeamPT Assigned To 
Status acknowledgedResolutionopen 
Summary0008014: monsoon - a fast cross-plattform http enumerator written in Go

name: monsoon
version: 0.7.0
further information:
author: RedTeam Pentesting GmbH
licence: MIT
description: A flexible HTTP enumerator to identify and probe for files, webpages, directory traversals or used for exploitation of insecure direct object references as well as probing for different webserver behaviours.
dependencies: to compile the code, at least go 1.17. Otherweise it is a static stand-alone binary.
similar tools: gobuster, ffuf, wfuzz
activity: publicly active since 2020, development internally since 2017
how to install: go build for compilation, otherwise just execute the binary from the releases
how to use:

searching for present directories on a webserver

monsoon fuzz --file raft-small-directories-lowercase.txt --hide-status 404

searching for information via an insecure direct object reference

monsoon fuzz --range 1-100 --extract '(?is)<title>(.*)</title>'

Only show redirect responses with status codes between 300 and 399

monsoon fuzz --file filenames.txt --show-status 300-399

Further example use-cases can be seen on the Github page, the blogpost or even via monsoon itself, calling 'monsoon help fuzz'.

packaged: no




2022-11-01 14:35

administrator   ~0017033

@kali-team, please could this be packaged up.
@author, If you want to help the packaging process, you can check the documentation here ~

Issue History

Date Modified Username Field Change
2022-10-21 13:45 RedTeamPT New Issue
2022-11-01 14:35 g0tmi1k Note Added: 0017033
2022-11-01 14:35 g0tmi1k Status new => acknowledged
2022-11-01 14:35 g0tmi1k Category New Tool Requests => Queued Tool Addition