1 unstable release

0.1.0 Dec 19, 2024

#477 in Command line utilities

Downloads: 106/week @ 2024-12-18 (106 downloads per month)

MIT license

37KB
759 lines

SoySauce - Pen-test Tool

The all-around brute-forcing and fuzzing tool for penetration testers and ethical hackers.

NOTE: SoySauce is in the development phase. Features will be added, things changed, and bugs found!

Installing

Make sure these packages are installed:

  • openssl
  • pkg-config
  • libssl-dev

cargo install soysauce

Usage

SoySauce performs penetration tests specified in a testfile. Testfiles are TOML-formatted text files that specify the details of the test.

HTTP brute-forcing and dictionary tests

With SoySauce you can fuzz and brute-force HTTP requests. Specify an HTTP test as follows:

[httpTest]
url = "https://example.com/^PARAM^"
method = "POST" # supported methods: GET, POST. Default is GET
body = "username=^USER^&password=^PASS^" # optional
pass_codes = [200] # Accept responses with these codes, optional, default: [200]
reject_codes = [] # Reject responses with these codes, optional, default: []
pass_string = "ok!" # Accept responses with this string included in the response body. This field is not required
reject_string = "Unauthorized" # Reject responses with this string included in the response body. This field is not required
default_action = "reject" # Default action when none of the above matches. default: "reject"
exhaust = false # optional, true means all combinations will be tested
                # By default, program will exit on first match

[httpTest.headers] # optional
Content-Type = "application/x-www-form-urlencoded"

Parameters

Parameters are tokens for passwords, usernames, directories, or other values such as base64-formatted basic-auth strings.

Parameters are specified in the testfile as TOML tables under param: the parameter name can be any uppercase word and follows the period (.). A parameter can be referenced elsewhere as ^PARAM^, where 'PARAM' is the name of the parameter. Parameters are specified like so:

[param.PARAM]
...

Wordlists

Wordlist parameters read a file containing one string per line. You can specify a wordlist parameter as follows:

[param.NAME]
type = "wordlist"
wordlist = "names.txt"

Compositions

Compositions are built dynamically from other parameters. Encoding can be specified with the 'encode' field; one example is a base64-formatted login string. For the list of supported encodings, see below.

[param.COMP]
type = "compose"
compose = "^LOGIN^:^PASS^"
encode = "base64"

Brutes

Brutes are a flexible way to generate parameters. The following generates every combination of the specified characters up to a length of 4. If fixed_length is true, only strings of exactly that length are generated; if false, all lengths up to and including length are generated.

[param.BRUTE]
type = "brute"
brute = "a-z,0-9"
length = 4
fixed_length = true

Brutes can also be used to append strings to other parameters.

[param.BRUTE2]
type = "brute"
brute = "^FILENAME^.txt"

Ranges

Every number in a numeric range, from 'from' to 'to':

[param.RANGE]
type = "range"
from = 1
to = 10

In-place wordlists

Words specified directly in the TOML file:

[param.INPLACE]
type = "words"
words = """
apple
orange
pear
"""

Literal strings

A simple literal string. Useful as a placeholder, or when you need a ^...^ sequence to be used verbatim rather than treated as a parameter reference.

[param.LITERAL]
type = "string"
string = "^LITERALLY^"

Templates

You can generate a few templates of testfiles with the --generate argument.

Encodings

List of supported encodings:

  • text
  • base64
  • url

Custom encoding

Not supported yet

Additional flags

  • -o <file>: Output file
  • --verfiy-file <file>: Check a testfile for syntax errors
  • --banner hide: Disable banner

see: soysauce --help

Dependencies

~9–21MB
~290K SLoC