i need help at WFUZZ fuzzing when you are at authenticated page .
For example i bypassed a login page and after login page i found a post parameter which is vulnerable to sql injection , so how i can use this in this condition ?
Usually, you should have cookies assigned to you that identify you to the webserver. So, you could simply use wfuzz -b cookie=value1 -b cookie2=value2 ... to test with your authenticated session.
wfuzz -b cookie=value1 -b cookie2=value2 ...
GREM | OSCE | GASF | eJPT
Click here to create an account.