CRLFuzz – Hacker Tools: Injecting CRLF for bounties 👩💻
By Anna Hammond
October 5, 2021
A CRLF injection is the injection of newlines in places where the server doesn’t expect newlines. This can cause a plethora of vulnerabilities including XSS, session fixation, cookie injection, open redirect, and much more! What are we waiting for? Let’s check out CRLFuzz, the tool that can help you!
CRLFuzz ASCII art
🙋♂️ What is CRLFuzz?
CRLFuzz is a tool written in Go by @dwisiswant0 that helps you find CRLF injections with ease!
It takes a list of URLs and will attempt to inject a header using a list of payloads. If it detects that a header was successfully injected, you’ll be alerted of it. It’s as easy as that.
🐱🏍 Our first run!
Check out the video below for an example of how you can use CRLFuzz!
👷♀️ Installing CRLFuzz
Want to install CRLFuzz? Well, just download the GitHub releases, untar and done!
Download the appropriate release from the releases on Github.
Untar the file through
tar -xf fileEnjoy the
crlfuzzbinary
🕴 Command line options
What to fuzz?
-u or –url can be used to define a URL to fuzz.
-l or –list can be used to specify a file with URLs to fuzz.
What kind of request are we sending?
-X or –method can be used to specify the request method to be used. This option defaults to GET.
-d or –data can be used to define additional request data.
-H or –header can be used to set a custom header to pass to the target.
Outputting what?
-o or –output can be used to save results to a file.
-v or –verbose can be used to show more information.
-s or –silent can be used to not output anything.
Other useful options?
-c or –concurrent can be used to set how many concurrent connections will be made. The default is 25.
-x or –proxy can be used to specify a proxy.
🚧 Conclusion
CRLFuzz is a tiny, yet helpful tool to find those injection points for your secretive CRLFs. Start using it today and let’s get some bounties!
If you would like to recommend a tool for us to cover next week, then be sure to let us know down below. Also be sure to check out all the previous Hacker Tools articles, such as the last one on Waybackurls.
Did you know that there is a video accompanying this article? Check out the playlist!
You may also like
At Intigriti, we host monthly web-based Capture The Flag (CTF) challenges as a way to engage with the security research community. This month, we've decided to take on a challenge ourselves as a way to give back to the community. In response to one of our recent articles, we decided to focus on JSON
November 11, 2025
Hunting for DOM-based XSS vulnerabilities: A complete guide
Traditional cross-site scripting (XSS) vulnerabilities were prevalent when server-side rendering (with languages like PHP, JSP, and ASP) was the norm. However, as applications become more complex and developers continue to shift application logic to the client-side, more complex client-side vulnerab
November 7, 2025
Exploiting JWT vulnerabilities: A complete guide
Before JSON Web Tokens (JWTs) became popular in today's app development landscape, web applications predominantly used server-side sessions, which presented horizontal scalability issues. JWTs solved this by moving authentication data from the server to the token itself. They are self-contained, sta