This script automates extracting, filtering, and testing passive URLs using the gau tool. It checks which URLs are live and then performs DAST (Dynamic Application Security Testing) on them with nuclei.
ParamSpider can create imbalanced URLs like:
http://testphp.vulnweb.com/listproducts.php?artist=FUZZ&cat=FUZZ
This breaks Nuclei DAST scans, because every query needs a valid parameter. A URL with too many FUZZ placeholders is hard for Nuclei to process and test parameter by parameter, since effective scanning needs a valid query structure. I also did not use any active crawler, because that takes a lot of time to get live URLs from targets.
That's why I built this custom tool: it extracts only valid URLs with full query parameters, ensuring they are correctly formatted for security testing.
✅ Extracts valid URLs with real query parameters
✅ Removes imbalanced/fuzzed queries
✅ Checks live URLs before scanning
✅ Runs Nuclei DAST properly for accurate results
This makes bug hunting faster, cleaner, and more effective! 🚀
Ensure the following tools are installed before running the script:
- gau
- httpx-toolkit
- nuclei
Clone the repository and navigate into it:
git clone https://github.com/coffinxp/lostfuzzer.git
cd lostfuzzer
Make the script executable:
chmod +x lostfuzzer.sh
Run the script and follow the prompts:
./lostfuzzer.sh
You'll be asked to provide:
- A target domain or a file containing a list of subdomains
The script will:
- Fetch passive URLs with gau, in parallel when multiple subdomains are given
- Filter the URLs to keep only those containing query parameters
- Check which URLs are live using httpx-toolkit
- Run nuclei for DAST scanning
- Save the results for manual testing
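The filtering step above (keep only URLs with a real query string, drop the fuzzed/imbalanced ones, deduplicate) is the part that makes the later nuclei run usable. The function below is an added example, not the lostfuzzer script itself; it reads URLs on stdin and writes the cleaned list to stdout, and the `SAMPLE_URLS` input is constructed here for the demo (the hostname is the same testphp.vulnweb.com example used above).

```shell
#!/usr/bin/env bash
# Added example: URL filter in the spirit of lostfuzzer's "filter URLs
# containing query parameters" step. Not the project's own code.

# filter_query_urls: read URLs on stdin, emit one URL per line when
#   - it has a query string with at least one key=value pair ("?k=v"),
#   - it contains no FUZZ placeholder (ParamSpider-style imbalanced query),
# and drop duplicates while preserving first-seen order, so that each
# parameterised URL is fed to the live check and to nuclei exactly once.
filter_query_urls() {
  grep -E '\?[^=&]+=[^&]*' \
    | grep -v 'FUZZ' \
    | awk '!seen[$0]++'
}

# Constructed sample input: one fuzzed URL, one URL without a query string,
# one duplicate, and two usable parameterised URLs.
SAMPLE_URLS='http://testphp.vulnweb.com/listproducts.php?artist=FUZZ&cat=FUZZ
http://testphp.vulnweb.com/listproducts.php?cat=1
http://testphp.vulnweb.com/index.php
http://testphp.vulnweb.com/listproducts.php?cat=1
http://testphp.vulnweb.com/search.php?test=query'

# demo_filter: run the filter over the constructed sample.
demo_filter() {
  printf '%s\n' "$SAMPLE_URLS" | filter_query_urls
}

# Stand-alone usage: print the two surviving URLs.
demo_filter
```

In the real pipeline the output of `filter_query_urls` is what you would pass on to httpx-toolkit for the live check, and only the live subset goes to nuclei; the empty-value case (`?q=`) is deliberately kept, since the parameter name is still valid for testing.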
- filtered_urls.txt: Filtered URLs with query parameters for further manual testing
- nuclei_results.txt: Results of the DAST scan
This tool is intended for educational and legal security testing purposes only. The author is not responsible for any misuse of this script.