A fast tool to scan CRLF vulnerability written in Go

Open Redirection Analyzer

The most powerful CRLF injection (HTTP Response Splitting) scanner.

CRLF and open redirect fuzzer

A CRLF ( Carriage Return Line Feed ) Injection attack occurs when a user manages to submit a CRLF into an application. This is most commonly done by modifying an HTTP parameter or URL.

使用java编写的CRLF-Injection-burp被动扫描插件

CRLF Bug scanner for WebPentesters and Bugbounty Hunters

📧 [Research] E-Mail Injection: Vulnerable applications

CRLF Detection based on @BlackFan 's work See link below

This is a tool used by several security researchers to find Carriage Return Line Feed Injection Bug

Want to keep your Web application from getting hacked? Here's how to get serious about secure apps. So let's do it! Open Friday, Aug 2016 - Presentation Notes.

CRLF injection scanner

CRLF Injection Payload List

This Bash script is a CRLF injection vulnerability scanner called REX. It checks for various CRLF injection vulnerabilities in a given URL by sending multiple payloads and analyzing the response

A web application to demonstrate log injection vulnerability and input sanitization methods to mitigate the vulnerability

CRLFISCANNER is a lightweight and powerful CLI tool designed for bug bounty hunters and penetration testers to automatically detect CRLF injection vulnerabilities through payload-based testing and HTTP header analysis.

𝕮𝕽𝕷𝕱 𝕾𝕮𝕬𝕹𝕹𝕰𝕽 𝖀𝕱𝕺 𝖛1.1 [𝖀𝖑𝖙𝖗𝖆 𝖁𝖊𝖗𝖘𝖎𝖔𝖓] !*_*! 𝖔𝖚𝖗 𝖌𝖗𝖔𝖚𝖕: @𝕲𝖗𝖊𝖞𝕳4𝖙𝕳𝖆𝖈𝖐𝖊𝖗𝖘

This is a automation tools for checking crlf vulns

CVE-2026-35517 Pi-hole FTLDNS Remote Code Execution via Newline Injection (CVSS 8.8). Python & Nmap NSE detection scripts with full technical breakdown. A newline character in the dns.upstreams parameter gives authenticated attackers command execution on the host. Five related injection vectors all patched in FTL v6.6.