Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once

Related tags

HTTP Clientspythonpython3bugbountypentestpentest-scriptswebscannerredteampentest-toolsredteam-tools
Overview

pathprober

Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once.

version made-with-python

pathprober-sample

Purpose

Brute-forcing website directories or HTTP pathname and validate using HTTP response code is not relevant anymore. This tool will help you to perform a penetration test, because it could validate the directories using specific-word or 2 words at once and the results will more accurate.

It will help you to find:

  • Web administrator/login panel
  • Credential in some paths
  • Third-party token
  • Etc

Installation

git clone https://github.com/xchopath/pathprober
cd pathprober/

Requirements

pip3 install -r requirements.txt

Support

  • Multiple URL targets (in a file separated by newline) or single URL target
  • Multiple paths (in a file separated by newline) or single path
  • 1 word or 2 words (filter)
  • Save valid results to another file
  • Multi-threading

Sample usage

Multiple target, multiple path, and multiple words:

python3 pathprober.py -T target.txt -P path.txt -w "APP_NAME" -w2 "DB_PASSWORD"

Single target, multiple path, and single word:

python3 pathprober.py -t https://redacted.com/ -P path.txt -w "APP_NAME"

Multiple target, single path, multiple words, and save output to file:

python3 pathprober.py -T target.txt -p /.env -w "APP_NAME" -w2 "TWILIO" -o output.txt

Need more help?

bash:~/pathprober$ python3 pathprober.py --help

 ___  ____ ___ _  _ ___  ____ ____ ___  ____ ____
 |__] |__|  |  |__| |__] |__/ |  | |__] |___ |__/
 |    |  |  |  |  | |    |  \ |__| |__] |___ |  \
       Probe HTTP pathname filtered by words

usage: pathprober.py [-h] [-t https://example.com] [-p pathname] [-T target.txt] [-P path.txt] [-w Word] [-w2 Word] [-o output.txt]

PathProber - Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once

optional arguments:
  -h, --help            show this help message and exit
  -t https://example.com
                        Single website target
  -p pathname           Single pathname
  -T target.txt         Multiple target separated by newline
  -P path.txt           Multiple pathname separated by newline
  -w Word               A word that you want to find in a path
  -w2 Word              A second word that you want to find in a path
  -o output.txt         Save the results to file

Contributors

Owner
NFA
Cyber Security Wannabe.
NFA
GitHub Repository
An interactive command-line HTTP and API testing client built on top of HTTPie featuring autocomplete, syntax highlighting, and more. https://twitter.com/httpie

HTTP Prompt HTTP Prompt is an interactive command-line HTTP client featuring autocomplete and syntax highlighting, built on HTTPie and prompt_toolkit.

HTTPie 8.6k Dec 31, 2022
Get the HTTP code of websites along with a cute cat picture

Cat Requests What is this? Cat requests allows you to both get the HTTP response code of the website you wish and it displays it to your screen as a c

Oakchris1955 3 Feb 27, 2022
A Python obfuscator using HTTP Requests and Hastebin.

πŸ”¨ Jawbreaker πŸ”¨ Jawbreaker is a Python obfuscator written in Python3, using double encoding in base16, base32, base64, HTTP requests and a Hastebin-l

Billy 50 Sep 28, 2022
HTTP Request & Response Service, written in Python + Flask.

httpbin(1): HTTP Request & Response Service

Postman Inc. 11.3k Jan 01, 2023
Pretty fast mass-dmer with multiple tokens support made with python requests

mass-dm-requests - Little preview of the Logger and the Spammer Features Logging User IDS Sending DMs (Embeds are supported) to the logged IDs Includi

karma.meme 14 Nov 18, 2022
r - a small subset of Python Requests

r a small subset of Python Requests a few years ago, when I was first learning Python and looking for http functionality, i found the batteries-includ

Gabriel Sroka 4 Dec 15, 2022
Python HTTP library with thread-safe connection pooling, file post support, user friendly, and more.

urllib3 is a powerful, user-friendly HTTP client for Python. Much of the Python ecosystem already uses urllib3 and you should too. urllib3 brings many

urllib3 3.2k Jan 02, 2023
Single-file replacement for python-requests

mureq mureq is a single-file, zero-dependency replacement for python-requests, intended to be vendored in-tree by Linux systems software and other lig

Shivaram Lingamneni 267 Dec 28, 2022
Python Simple SOAP Library

PySimpleSOAP / soap2py Python simple and lightweight SOAP library for client and server webservices interfaces, aimed to be as small and easy as possi

PySimpleSOAP 369 Jan 02, 2023
Detects request smuggling via HTTP/2 downgrades.

h2rs Detects request smuggling via HTTP/2 downgrades. Requirements Python 3.x Python Modules base64 sys socket ssl certifi h2.connection h2.events arg

Ricardo Iramar dos Santos 89 Dec 22, 2022
Asynchronous HTTP client/server framework for asyncio and Python

Async http client/server framework Key Features Supports both client and server side of HTTP protocol. Supports both client and server Web-Sockets out

aio-libs 13.1k Jan 01, 2023
HTTP/2 for Python.

Hyper: HTTP/2 Client for Python This project is no longer maintained! Please use an alternative, such as HTTPX or others. We will not publish further

Hyper 1k Dec 23, 2022
curl statistics made simple

httpstat httpstat visualizes curl(1) statistics in a way of beauty and clarity. It is a single file 🌟 Python script that has no dependency πŸ‘ and is

Xiao Meng 5.3k Jan 04, 2023
Aiohttp simple project with Swagger and ccxt integration

crypto_finder What Where Documentation http://localhost:8899/docs Maintainer nordzisko Crypto Finder aiohttp application Application that connects to

Norbert Danisik 5 Feb 27, 2022
πŸ’‘Python package for HTTP/1.1 style headers. Parse headers to objects. Most advanced available structure for http headers.

HTTP Headers, the Complete Toolkit 🧰 Object-oriented headers. Kind of structured headers. ❓ Why No matter if you are currently dealing with code usin

TAHRI Ahmed R. 103 Dec 02, 2022
A next generation HTTP client for Python. πŸ¦‹

HTTPX - A next-generation HTTP client for Python. HTTPX is a fully featured HTTP client for Python 3, which provides sync and async APIs, and support

Encode 9.8k Jan 05, 2023
Aiosonic - lightweight Python asyncio http client

aiosonic - lightweight Python asyncio http client Very fast, lightweight Python asyncio http client Here is some documentation. There is a performance

Johanderson Mogollon 93 Jan 06, 2023
Python HTTP library with thread-safe connection pooling, file post support, user friendly, and more.

urllib3 is a powerful, user-friendly HTTP client for Python. Much of the Python ecosystem already uses urllib3 and you should too. urllib3 brings many

urllib3 3.2k Dec 29, 2022
Python Client for the Etsy NodeJS Statsd Server

Introduction statsd is a client for Etsy's statsd server, a front end/proxy for the Graphite stats collection and graphing server. Links The source: h

Rick van Hattem 107 Jun 09, 2022
πŸ”„ 🌐 Handle thousands of HTTP requests, disk writes, and other I/O-bound tasks simultaneously with Python's quintessential async libraries.

πŸ”„ 🌐 Handle thousands of HTTP requests, disk writes, and other I/O-bound tasks simultaneously with Python's quintessential async libraries.

Hackers and Slackers 15 Dec 12, 2022