Features

• Multithreading
• Http / Https
• Proxy support
• Data persistence
• Basic Authentication
• Resume

Usage
cansina.py -h for a comprehensive list of features and choices
Simple case

cansina.py -u target_url -p payload_filename

Will make GET requests using 4 threads by default

Banning HTTP responde codes to output

cansina.py -u target_url -p payload_filename -b 404,400,500

Selected codes will be skipped

Adding a .php extension to every record in payload

cansina.py -u target_url -p payload_filename -e php

Make all payload entries end with an extension

Adding a list of extensions

cansina.py -u target_url -p payload_filename -e php,asp,aspx

Same as above but will repeat every request for every extension provided

Inspecting content

cansina.py -u target_url -p payload_filename -c look_for_this_text

Cansina will report to screen if the content is detected in response

Filtering by content

cansina.py -u target_url -p payload_filename -d look_for_this_text

If the content is found it will be processed as a 404 Not Found page

Autodiscriminator

cansina.py -u target_url -p payload_filename -D

First, Cansina will try to make and remember a 404 response and will skip similar responses

Replacing

cansina.py -u target_url/

*

_this/ -p payload_filename

Simple string replacing. Useful when a URL pattern is observable

Size filtering

cansina.py -u target_url -s 1495 -p payload_filename

If you don't want a response and know its size is fixed this could help skipping all those responses.
Also, it can be a list of sizes:

cansina.py -u target_url -s 0,1495,1337 -p payload_filename

Uppercase all requests

cansina.py -u target_url -U -p payload_filename

Just make every payload UPPERCASE

Threading

cansina.py -u target_url -t8 -p payload_filename

Set the threading level. 4 by default.

Change GET -> HEAD requests

cansina.py -u target_url -H -p payload_filename

Make requests using HEAD HTTP method. Be aware size and content filtering won't work

Delay between requests

cansina.py -u target_url -T 1.25 -p payload_filename

Set a delay between resquests. Time is set in float format. E.g: 1.25 seconds

User agent

cansina.py -u target_url -p payload_filename -a user_agent

Set an alternative User-Agent string

Proxy requests

cansina.py -u target_url -p payload_filename -Phttp://127.0.0.1:8080

Simple http proxy

Basic authentication

cansina.py -u target_url -p payload_filename -Auser:password

Manages basic authentication

Resume session

cansina.py -r resume_file

Resume last interrupted session with all options and payload with former linenumber

Parse robots.txt

cansina.py -R

Cansina will parse the robots.txt file an use it as a payload if it exists

Important
This tool is intended to be used in a fair and legal context, meaning, for example, a penetration testing for which you have been provided previous authorization.
One of its legitimate uses might be the one described in the following article:

• Forced browsing

Dependencies

• requests
• Python 2.7.x

Payloads
Cansina does not come with list but there are some neat projects to supply this:

• SecList
• fuzzdb

Install

pip install --user requests
 git clone --depth=1 https://github.com/deibit/cansina