Fast HTTP enumerator
It has been a year since the last release of monsoon
but we've been working on it continuously behind the scenes. Now, we're proud to release version 0.8.0 which is full of new features, fixes and improvements. In fact, we also wrote the new blog post "Bringing Monsoon to the Next Level" which goes over all changes in detail. The most notable new features are the --replace
parameter which allows you to fuzz with multiple parameters and the overhauled test
command.
Changes:
--replace
parameter which can be specified multiple times. It combines the functionality of the --file
, --range
and --range-format
and adds even more flexibility. For example, you can search for files in multiple directories like this: --replace DIRNR:range:1-10:%02d --replace FILENAME:file:files.txt https://example.com/folder-DIRNR/FILENAME
test
command to show the table output known from monsoon fuzz
for a single fuzz value and print the request and response. It is also now a drop-in replacement for the fuzz
command for quick and easy testing.monsoon
now prints out an annotation for these requests.--extract-pipe
: The performance was improved significantly and the current fuzz values are now passed to the command as environment variables.--insecure-ciphersuites
to enable all insecure ciphersuites that are supported by Go.--connect-timeout
, --tls-handshake-timeout
and --response-header-timeout
version
command was added.Finally, we now also offer pre-built binaries below.
Changes:
--follow-redirect n
--ipv4-only
) or IPv6 (--ipv6-only
)--show-status
option, improved column indentation and better help textsChanges:
$MONSOON_PROGRESS_FPS
to override)