Hey Folks, in this tutorial we are going to talk about another FUZZING tool called “Monsoon“. The tool is designed in bash scripting that allows us to execute a large number of HTTP requests within a few seconds. But the question is, what is special about it that makes it different from others? So in this tool has fastest HTTP enumeration feature which is different from others tools.

Lets take a look 🙂 !!

Installation

First we have to download the go language in our terminal by given command.

Now we will download this tool from github and after the download is complete we will go to the directory and doing the further process.

Go build command is usually used to compile the packages and dependencies that you have defined/used in your project.

Now we can boot this tool by using the given command and even we can take help of “bash” command in order to start this tool.

Example

Usage is also not difficult, just you have to understand the scenario, then you will get used to it. Just take any URL for practice purpose’s and boost your HTTP enumerations. Make sure to give FUZZ at the end of the URL.

Usage 🙂 ./monsoon –file < wordlist > < URL/FUZZ >

You can see the results that look similar to others tool but the special thing you will see below is the time period of this enumeration.

Hide Status

In CTF challenges we do not have much time to solve the labs and in that case we try to get results as soon as possible without any effort. In such case we can add such fillers from which will get us accurate and quick results.

About the Author
Shubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.

Leave a Reply

Your email address will not be published. Required fields are marked *