Security tests developed with Python!
-
✔️ - SQL Injection (common and advanced)
-
✔️ - Brute force attack (with expanded credential lists)
-
✔️ - Cross-Site Scripting (XSS) (reflected and stored)
-
✔️ - Path traversal (attempts to access internal files)
-
✔️ - CORS Misconfiguration (Cross-Origin Resource Sharing)
-
✔️ - CSRF (Cross-Site Request Forgery)
-
✔️ - SSRF (Server-Side Request Forgery)
-
✔️ - Sensitive Endpoint Testing (e.g., /robots.txt, /sitemap.xml, /api/v1/endpoint)

This type of attack should only be used if you have explicit permission to do so. This is a project containing ethical but efficient tests, as you can see, but DO NOT use it to attack servers or applications without proper authorization. Hacking is an art, but it shouldn't be used for malicious purposes, and certainly not to disrupt the work of others.

I am NOT responsible for any illegal actions that may arise from this project. I am simply sharing a base script I created to test web vulnerabilities on systems I was authorized to test. Therefore, I do NOT take any responsibility for any actions taken by third parties, be they individuals and/or companies, that may or may not use the above script, in whole or in part, for harmful, illegal, disruptive or other malicious purposes, thereby causing, intentionally or unintentionally, the violation of any country's laws and/or regulations.