ethicalhackingplayground/TProxer

Stars
172
Rank 221,201 (Top 5 %)
Language
Python
License
MIT License
Created about 3 years ago
Updated about 3 years ago

ethicalhackingplayground/TProxer

ethicalhackingplayground

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

TProxer

A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

How • Install • Todo • Join Discord

How it works

Attempts to gain access to internal APIs or files through a path based SSRF attack. For instance https://www.example.com/api/v1/users we try the payload /..;/..;/..;/..;/ hoping for a 400 Bad Request:
Then the Algorithm tries to find the potential internal API root with: https://www.example.com/api/v1/users/..;/..;/..;/ hoping for a 404 Not Found
Then, we try to discover content, if anything is found it performs additional test to see if it's 100% internal and worth investigating.
Supports manual activation through context menu.
Payloads are supplied by the user under dedicated tab, default values are stored under query payloads.txt
You can also select your own wordlist
Issues are added under the Issue Activity tab.

Install

$ git clone https://github.com/ethicalhackingplayground/TProxer

Download Jython from:

https://www.jython.org/download.html

Make sure you use Jython 2.7.2

Load burp, Extender -> Options
Go to Python Environment -> Select file -> Select jython.jar
Go to Extensions -> Add -> TProx.py

Todo

Make a better design
Add more customization.

License

TProxer is distributed under MIT License

ssrf-king

SSRF plugin for burp Automates SSRF Detection in all of the Request

bxss

ssrf-tool

erebus

Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.

pathbuster

A path-normalization pentesting tool.

Bug-Bounty-Tools

The tools I have programmed to help me with bugbounty's

wordlistgen

Generates target specific word lists for Fuzzing with fuff

Zin

A Payload Injector for bugbounties written in go

dnsresolver

A Lightning-Fast DNS Resolver written in Rust 🦀

dorkX

Pipe different tools with google dork Scanner

linkJS

SubNuke

Subdomain Takeover tool with web UI

xsspwn

Cross-Site-Scripting (XSS) Automatic Scanner

hrekt

A really fast http prober.

mailsploit

Sends some one a malicious payload through smtp and starts a listener with metasploit.

gocrawler

tprox

TProx is a fast reverse proxy path traversal detector and directory bruteforcer.

endzy

Endpoint monitor tool

aem-eye

A very simple AEM detector written in rust.🦀

EvilPhisher

Social Media Phisher

erebus-templates

Community curated list of templates for the erebus engine to find security vulnerabilities.

recon_db_scripts

Creating a Database for Mass Recon

bcaem

Fast AEM scope gathering tool for all your public and private BugCrowd Programs

pdtools

Install and upgrade projectdiscovery tools

hostparser

A very fast hostparser.

corsX

Cross Origin Resource Sharing Scanner (CORS Scanner)

fbkiller

Brute Forces A Facebook Account

facebookscraper

hakku

Hakku is a android take over tool using various deployment options.

specter

SMTP Password Bruteforcer

subdomaintakeover

sha1decryper

Attempts to crack a sha1 hash

nextjs-blog-theme

ethicalhackingplayground

native-mockups

JsX

Recon your way through java script with this tool finding subdomains, parameters, sinks & relative paths.

documents.uber.com

Electron-Boilerplate