Invoker
High-speed parameter mining and fuzzing. Mark payload positions in raw HTTP requests with § markers, load wordlists, and run concurrent attacks with real-time progress and detailed results.
Authorized Use Only
Only run invoker tests against systems you own or are explicitly authorized to assess. Unauthorized attempts can be illegal and may trigger account lockouts.
Overview
The Invoker is a parameter fuzzing engine similar to Burp Suite's Intruder. It takes a base HTTP request, marks one or more payload positions, assigns wordlists to each position, and sends requests with every combination at high concurrency — streaming results back to the UI in real time.
Attack Flow
Craft base request → Mark positions with § delimiters →
Assign payloads per position → Configure concurrency & delay →
Start attack → Tauri backend generates combinations →
Results stream via Tauri events → Table displays in real time
Page Layout
Left Panel — Configuration
Request editor with Monaco-based text input, payload configuration with tabs per position, attack parameters (delay). Start/Stop controls and real-time progress bar.
Right Panel — Results
Scrollable results table with status/payload filters. Columns: index, payload values, URL, HTTP status badge, response length, response time. Click a row to open the result drawer.
Configuration
Each attack tab has its own configuration with three sub-tabs:
Request
Raw HTTP request editor with syntax highlighting. Select text and click Mark Target to wrap it in § delimiters. Supports pasting from repeater or raw import dialog.
Payloads
Per-position payload configuration. Simple list editor, number range generator, predefined presets browser, and file loader.
Attack
Request delay in milliseconds between each attack request.
Request Editor & Marking
The base HTTP request is edited in a Monaco text editor. Payload positions are marked with § delimiters — select any text (URL path, query parameter, header value, body content) and click "Mark Target" to wrap it.
| Action | Description |
|---|---|
| Mark Target | Wraps selected text with § delimiters, creating a payload position |
| Import Raw | Opens a dialog to paste a complete raw HTTP request with existing § markers |
| Send from Repeater | The Repeater page can send its current request as the base for a new attack tab |
| Parse & Sync | The editor continuously parses the raw text. § markers are detected and positions auto-synced to the Payloads tab |
Payload Types
Simple List
One payload per line in a Monaco text editor. Supports loading from predefined presets, local files (.txt, .lst, .wordlist), or manual input.
Number Range
Generates sequential numeric payloads with configurable start, end, step, padding width, and custom format string.
Format supports {} placeholders and {:0N} zero-padding (e.g. {:04} → 0001, 0002, …)
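An added Rust example of the number-range format described above, not Invoker's own code: the function names, the inclusive end, and folding the padding width into the format string are assumptions; only the `{}` and `{:0N}` placeholders come from this page.

```rust
// Added example, not Invoker's source: number-range payloads with {} and {:0N}.

/// Render one value. Only `{}` and `{:0N}` are accepted; anything else is an
/// error rather than being passed through into a request unchanged.
fn render_format(format: &str, n: u64) -> Result<String, String> {
    let mut out = String::new();
    let mut rest = format;
    while let Some(open) = rest.find('{') {
        out.push_str(&rest[..open]);
        let close = open + rest[open..].find('}').ok_or("unclosed '{' in format")?;
        let spec = &rest[open + 1..close];
        if spec.is_empty() {
            out.push_str(&n.to_string());
        } else if let Some(digits) = spec.strip_prefix(":0") {
            let width: usize = digits.parse().map_err(|_| format!("bad width: {}", spec))?;
            // Zero-pad to `width`; wider values are never truncated.
            out.push_str(&format!("{:0width$}", n, width = width));
        } else {
            return Err(format!("unsupported placeholder: {}", spec));
        }
        rest = &rest[close + 1..];
    }
    out.push_str(rest);
    Ok(out)
}

/// Payloads for start..=end (inclusive end is an assumption) in `step` increments.
fn number_range(start: u64, end: u64, step: u64, format: &str) -> Result<Vec<String>, String> {
    if step == 0 {
        return Err("step must be greater than zero".into());
    }
    if start > end {
        return Err("start must not exceed end".into());
    }
    (start..=end).step_by(step as usize).map(|n| render_format(format, n)).collect()
}

fn main() {
    // Constructed sample values.
    for payload in number_range(1, 3, 1, "{:04}").unwrap() {
        println!("{}", payload);
    }
}
```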
Predefined Payloads
A bundled library of wordlists organized by category, accessible via the "Browse Presets" button in the Payloads tab.
| Category | Presets | Use Case |
|---|---|---|
| BurpSuite ParamMiner | lowercase-headers (1,102), uppercase-headers (1,102) | Header parameter discovery — fuzz for hidden HTTP headers |
| DNS | subdomains-top1million (5K–110K variants), services-names (1,419) | Subdomain enumeration and service discovery |
| API | api-endpoints (288–10,879), actions, objects, Salesforce Aura objects | API endpoint fuzzing with real-world wordlists |
| usernames | top-usernames-shortlist (17) | Common username brute-forcing |
| Logins | Logins.fuzz.txt (89) | Login path discovery |
Attack Execution
Attack Mode
Currently supports Sniper mode — one payload position is tested at a time with all values from its wordlist.
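The § parsing described under Request Editor & Marking and the sniper expansion above, as an added Rust example that is not Invoker's backend code. The function names, the one-wordlist-per-position input, and the rule that untargeted positions keep their marked base text (as in Burp Intruder's sniper mode) are assumptions.

```rust
// Added example, not Invoker's source: § position parsing and sniper expansion.
const MARK: char = '§';

/// Byte offsets of the opening and closing § of one payload position.
struct Position { open: usize, close: usize }

/// Pair up § markers. An odd count means an unterminated position.
fn parse_positions(raw: &str) -> Result<Vec<Position>, String> {
    let marks: Vec<usize> = raw.match_indices(MARK).map(|(i, _)| i).collect();
    if marks.len() % 2 != 0 {
        return Err(format!("unbalanced § markers: found {}", marks.len()));
    }
    Ok(marks.chunks(2).map(|p| Position { open: p[0], close: p[1] }).collect())
}

/// Substitute `payload` at position `target`; other positions keep their
/// marked base text (assumption, as in Burp Intruder's sniper mode).
fn render(raw: &str, positions: &[Position], target: usize, payload: &str) -> String {
    let mut out = String::with_capacity(raw.len());
    let mut cursor = 0;
    for (i, p) in positions.iter().enumerate() {
        out.push_str(&raw[cursor..p.open]);
        let base = &raw[p.open + MARK.len_utf8()..p.close];
        out.push_str(if i == target { payload } else { base });
        cursor = p.close + MARK.len_utf8();
    }
    out.push_str(&raw[cursor..]);
    out
}

/// Sniper mode: one position at a time, each with all values of its wordlist.
fn sniper(raw: &str, wordlists: &[Vec<&str>]) -> Result<Vec<String>, String> {
    let positions = parse_positions(raw)?;
    if positions.len() != wordlists.len() {
        return Err("expected one wordlist per marked position".into());
    }
    let mut requests = Vec::new();
    for (i, list) in wordlists.iter().enumerate() {
        for payload in list {
            requests.push(render(raw, &positions, i, payload));
        }
    }
    Ok(requests)
}

fn main() {
    // Constructed sample request; app.example.test is a placeholder host.
    let raw = "GET /items/§1§?sort=§asc§ HTTP/1.1\r\nHost: app.example.test\r\n\r\n";
    for req in sniper(raw, &[vec!["2", "3"], vec!["desc"]]).unwrap() {
        println!("{}", req.lines().next().unwrap_or(""));
    }
}
```

Under these assumptions the request count is the sum of the wordlist lengths, which together with the delay setting bounds how long a run takes.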
Concurrency
Defaults to 10 concurrent requests. Configurable via the attack configuration.
Stop / Cancel
Click Stop to cancel an in-progress attack. The Tauri backend is signaled to abort via stop_intruder_attack.
Progress
Real-time progress bar updates via Tauri events (intruder-progress). Shows current/total and percentage.
Results
Results stream into the table as they arrive from the backend. Each result row shows:
| Column | Description |
|---|---|
| # | Sequential index of the request |
| Payload | The substituted payload value(s) for this request |
| URL | The actual URL sent (with payload substituted) |
| Status | HTTP status code badge — green (2xx), red (4xx+), gray (other) |
| Length | Response body length in bytes |
| Time | Response time in milliseconds |
Result Detail Drawer
Click any result row to open a bottom drawer with a split-pane view:
Modified Request
Shows the exact raw HTTP request sent, with § markers replaced by the actual payload values for this iteration. Read-only Monaco editor.
Response
Full raw HTTP response with pretty-printed JSON body. Includes status, headers, timing, and error details if the request failed.
Filters
Status Filter
Text input to filter results by HTTP status code (e.g. "200", "404")
Payload Filter
Text input to filter by substituted payload value
Clear Results
Removes all results for the active tab and deselects any selected result
Tab Management
Multiple attack configurations can run independently in separate tabs. Each tab maintains its own request, payloads, results, and running state.
Backend Integration
The attack engine runs on the Rust/Tauri backend:
start_intruder_attack(config) — Begins attack, returns a unique attackId
stop_intruder_attack(attackId) — Cancels an in-progress attack
intruder-progress-{attackId} — Tauri event with current/total progress
intruder-result-{attackId} — Tauri event per result, streamed to table
Event listeners are registered per attackId and automatically cleaned up when an attack completes or is stopped.