HExHTTP
💬
HExHTTP is a tool designed to perform tests on HTTP headers and analyze the results to identify vulnerabilities and interesting behaviors.
📊 Features:
⚪️ Server Error response checking
⚪️ Localhost header response analysis
⚪️ Vhosts checking
⚪️ Methods response analysis
⚪️ HTTP Version analysis [Experimental]
⚪️ Cache Poisoning DoS (CPDoS) techniques
⚪️ Web cache poisoning
⚪️ Range poisoning/error (416 response error) [Experimental]
⚪️ Cookie Reflection
⚪️ CDN/proxies Analysis (Envoy/Apache/Akamai/Nginx) [IP]
🔼 Installation:
pip install -r requirements.txt
💻 Usage:
./hexhttp.py -u 'https://target.tld/'
# OR
python3 hexhttp.py -u 'https://target.tld/'
./hexhttp.py -h
# Usage: hexhttp.py [-h] [-u URL] [-f URL_FILE] [-H CUSTOM_HEADER] [-A USER_AGENT] [-F] [-a AUTH] [-b]
#Python #HTTP #Headers #Analyze
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 t.iss.one/BugCod3BOT
📣 t.iss.one/BugCod3
IDOR-Forge
IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.
💬 Description:
IDOR Forge is a powerful and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applications. IDOR vulnerabilities occur when an application exposes direct references to internal objects (e.g., database keys, file paths) without proper authorization checks, allowing attackers to access unauthorized data. This tool automates the process of identifying such vulnerabilities by dynamically generating and testing payloads, analyzing responses, and reporting potential issues.
📊 Features:
⚪️ Dynamic Payload Generation
⚪️ Multi-Parameter Scanning
⚪️ Support for Multiple HTTP Methods
⚪️ Concurrent Scanning
⚪️ Rate Limiting Detection
⚪️ Customizable Test Values
⚪️ Sensitive Data Detection
⚪️ Proxy Support
⚪️ Interactive GUI Mode
⚪️ Verbose Mode
⚪️ Output Options
⚪️ Custom Headers
⚪️ Session Handling
🔼 Installation:
pip install -r requirements.txt
python IDOR-Forge.py
💻 Usage:
# CLI Basic Usage
python IDOR-Forge.py -u "https://example.com/api/resource?id=1"
# Advanced Usage
python IDOR-Forge.py -u "https://example.com/api/resource?id=1" -p -m GET --proxy "https://127.0.0.1:8080" -v -o results.csv --output-format csv
python IDOR-Forge.py -u "https://example.com/resource?id=1" -p -m GET --output results.csv --output-format csv --test-values [100,200,300] --sensitive-keywords ["password", "email"]
🖼 Interactive GUI Mode:
python idor_hunter.py --interactive
#Python #Idor #Vulnerability #Tools
Trape (stable) v2.0
💬
Trape is an OSINT analysis and research tool that allows people to track and execute intelligent social engineering attacks in real time. It was created with the aim of teaching the world how large Internet companies could obtain confidential information, such as the status of sessions on their websites or services, and control their users through their browsers without their knowledge, but it evolves with the aim of helping government organizations, companies and researchers to track cybercriminals.
📊 Some benefits:
⚪️ LOCATOR OPTIMIZATION
⚪️ APPROACH
⚪️ REST API
⚪️ PROCESS HOOKS
⚪️ PUBLIC NETWORK TUNNEL
⚪️ CLICK ATTACK TO GET CREDENTIALS
⚪️ NETWORK
⚪️ PROFILE
💻 Usage:
cd trape
pip3 install -r requirements.txt
python3 trape.py -h
# Example: python3 trape.py --url https://example.com --port 8080
#Python #Osint #Security #Tracking #Tools