Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once

Related tags

HTTP Clientspythonpython3bugbountypentestpentest-scriptswebscannerredteampentest-toolsredteam-tools
Overview

pathprober

Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once.

version made-with-python

pathprober-sample

Purpose

Brute-forcing website directories or HTTP pathname and validate using HTTP response code is not relevant anymore. This tool will help you to perform a penetration test, because it could validate the directories using specific-word or 2 words at once and the results will more accurate.

It will help you to find:

  • Web administrator/login panel
  • Credential in some paths
  • Third-party token
  • Etc

Installation

git clone https://github.com/xchopath/pathprober
cd pathprober/

Requirements

pip3 install -r requirements.txt

Support

  • Multiple URL targets (in a file separated by newline) or single URL target
  • Multiple paths (in a file separated by newline) or single path
  • 1 word or 2 words (filter)
  • Save valid results to another file
  • Multi-threading

Sample usage

Multiple target, multiple path, and multiple words:

python3 pathprober.py -T target.txt -P path.txt -w "APP_NAME" -w2 "DB_PASSWORD"

Single target, multiple path, and single word:

python3 pathprober.py -t https://redacted.com/ -P path.txt -w "APP_NAME"

Multiple target, single path, multiple words, and save output to file:

python3 pathprober.py -T target.txt -p /.env -w "APP_NAME" -w2 "TWILIO" -o output.txt

Need more help?

bash:~/pathprober$ python3 pathprober.py --help

 ___  ____ ___ _  _ ___  ____ ____ ___  ____ ____
 |__] |__|  |  |__| |__] |__/ |  | |__] |___ |__/
 |    |  |  |  |  | |    |  \ |__| |__] |___ |  \
       Probe HTTP pathname filtered by words

usage: pathprober.py [-h] [-t https://example.com] [-p pathname] [-T target.txt] [-P path.txt] [-w Word] [-w2 Word] [-o output.txt]

PathProber - Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once

optional arguments:
  -h, --help            show this help message and exit
  -t https://example.com
                        Single website target
  -p pathname           Single pathname
  -T target.txt         Multiple target separated by newline
  -P path.txt           Multiple pathname separated by newline
  -w Word               A word that you want to find in a path
  -w2 Word              A second word that you want to find in a path
  -o output.txt         Save the results to file

Contributors

Owner
NFA
Cyber Security Wannabe.
NFA
GitHub Repository
Python HTTP library with thread-safe connection pooling, file post support, user friendly, and more.

urllib3 is a powerful, user-friendly HTTP client for Python. Much of the Python ecosystem already uses urllib3 and you should too. urllib3 brings many

urllib3 3.2k Dec 29, 2022
suite de mocks http em json

Ritchie Formula Repo Documentation Contribute to the Ritchie community This repository contains rit formulas which can be executed by the ritchie-cli.

Kaio Fábio Prates Prudêncio 1 Nov 01, 2021
Aiohttp simple project with Swagger and ccxt integration

crypto_finder What Where Documentation http://localhost:8899/docs Maintainer nordzisko Crypto Finder aiohttp application Application that connects to

Norbert Danisik 5 Feb 27, 2022
Some example code for using a raspberry pi to draw text (including emojis) and twitch emotes to a HUB75 RGB matrix via an HTTP post endpoint.

Some example code for using a raspberry pi to draw text (including emojis) and twitch emotes to a HUB75 RGB matrix via an HTTP post endpoint.

7 Nov 05, 2022
Python package for caching HTTP response based on etag

Etag cache implementation for HTTP requests, to save request bandwidth for a non-modified response. Returns high-speed accessed dictionary data as cache.

Rakesh R 2 Apr 27, 2022
A next generation HTTP client for Python. 🦋

HTTPX - A next-generation HTTP client for Python. HTTPX is a fully featured HTTP client for Python 3, which provides sync and async APIs, and support

Encode 9.8k Jan 05, 2023
An interactive command-line HTTP and API testing client built on top of HTTPie featuring autocomplete, syntax highlighting, and more. https://twitter.com/httpie

HTTP Prompt HTTP Prompt is an interactive command-line HTTP client featuring autocomplete and syntax highlighting, built on HTTPie and prompt_toolkit.

HTTPie 8.6k Dec 31, 2022
Screaming-fast Python 3.5+ HTTP toolkit integrated with pipelining HTTP server based on uvloop and picohttpparser.

Screaming-fast Python 3.5+ HTTP toolkit integrated with pipelining HTTP server based on uvloop and picohttpparser.

Paweł Piotr Przeradowski 8.6k Jan 04, 2023
Requests + Gevent = <3

GRequests: Asynchronous Requests GRequests allows you to use Requests with Gevent to make asynchronous HTTP Requests easily. Note: You should probably

Spencer Phillip Young 4.2k Dec 30, 2022
Python HTTP library with thread-safe connection pooling, file post support, user friendly, and more.

urllib3 is a powerful, user-friendly HTTP client for Python. Much of the Python ecosystem already uses urllib3 and you should too. urllib3 brings many

urllib3 3.2k Jan 02, 2023
A toolbelt of useful classes and functions to be used with python-requests

The Requests Toolbelt This is just a collection of utilities for python-requests, but don't really belong in requests proper. The minimum tested reque

892 Jan 06, 2023
curl statistics made simple

httpstat httpstat visualizes curl(1) statistics in a way of beauty and clarity. It is a single file 🌟 Python script that has no dependency 👏 and is

Xiao Meng 5.3k Jan 04, 2023
Small, fast HTTP client library for Python. Features persistent connections, cache, and Google App Engine support. Originally written by Joe Gregorio, now supported by community.

Introduction httplib2 is a comprehensive HTTP client library, httplib2.py supports many features left out of other HTTP libraries. HTTP and HTTPS HTTP

457 Dec 10, 2022
Python Simple SOAP Library

PySimpleSOAP / soap2py Python simple and lightweight SOAP library for client and server webservices interfaces, aimed to be as small and easy as possi

PySimpleSOAP 369 Jan 02, 2023
hackhttp2 make everything easier

hackhttp2 intro This repo is inspired by hackhttp, but it's out of date already. so, I create this repo to make simulation and Network request easier.

youbowen 5 Jun 15, 2022
Aiosonic - lightweight Python asyncio http client

aiosonic - lightweight Python asyncio http client Very fast, lightweight Python asyncio http client Here is some documentation. There is a performance

Johanderson Mogollon 93 Jan 06, 2023
As easy as /aitch-tee-tee-pie/ 🥧 Modern, user-friendly command-line HTTP client for the API era. JSON support, colors, sessions, downloads, plugins & more. https://twitter.com/httpie

HTTPie: human-friendly CLI HTTP client for the API era HTTPie (pronounced aitch-tee-tee-pie) is a command-line HTTP client. Its goal is to make CLI in

HTTPie 25.4k Jan 01, 2023
Bot que responde automáticamente as perguntas do giga unitel

Gigabot+ Bot que responde automáticamente as perguntas do giga unitel LINK DOWNLOAD: Gigabot.exe O script pode apresentar alguns erros, pois não tive

Joaquim Roque 20 Jul 16, 2021
HTTP Request Smuggling Detection Tool

HTTP Request Smuggling Detection Tool HTTP request smuggling is a high severity vulnerability which is a technique where an attacker smuggles an ambig

Anshuman Pattnaik 282 Jan 03, 2023
r - a small subset of Python Requests

r a small subset of Python Requests a few years ago, when I was first learning Python and looking for http functionality, i found the batteries-includ

Gabriel Sroka 4 Dec 15, 2022