def insertFuzz(url, fuzz):
"""
:Description: This function inserts the Fuzz as GET Parameter in the URL
:param url: Target URL
:type type: String
:param fuzz: Fuzzing string
:type fuzz: String
:return: The URL with a concatenated string consisting of a random string and the fuzz.
:note: Some fuzzing symbols can be part of a normal response. In order to distinctly find the fuzz that was sent, a random string is added before the fuzz.
"""
fuzz = urllib.quote_plus(fuzz) #url encoding
randomString = ''.join(random.SystemRandom().choice(string.ascii_uppercase + string.digits) for _ in range(6))
return randomString, url.replace('FUZZ', randomString + str(fuzz))
评论列表
文章目录
