Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

Overview

Pupy

Build Status

Installation

Installation instructions are on the wiki, in addition to all other documentation. For maximum compatibility, it is recommended to use Docker Compose.

Refer to the wiki

Description

Pupy is a cross-platform, multi function RAT and post-exploitation tool mainly written in python. It features an all-in-memory execution guideline and leaves a very low footprint. Pupy can communicate using multiple transports, migrate into processes using reflective injection, and load remote python code, python packages and python C-extensions from memory.

Features

  • Windows payload can load the entire Python interpreter from memory using a reflective DLL.

    • Pupy does not touch the disk.
  • Can be packed into a single .py file and run without any dependencies other than the python standard library on all OSes.

    • PyCrypto gets replaced by pure Python AES & RSA implementations when unavailable.
  • Reflectively migrate into other processes.

  • Remotely import pure python packages (.py, .pyc) and compiled python C extensions (.pyd, .so) from memory.

    • Imported python modules do not touch the disk.
  • Easily extensible, modules are simple to write and are sorted by os and category.

  • Modules can directly access python objects on the remote client using rpyc.

  • Access remote objects interactively from the pupy shell and get auto-completion of remote attributes.

  • Communication transports are modular and stackable. Exfiltrate data using HTTP over HTTP over AES over XOR, or any combination of the available transports.

  • Communicate using obfsproxy pluggable transports.

  • Execute noninteractive commands on multiple hosts at once.

  • Commands and scripts running on remote hosts are interruptible.

  • Auto-completion for commands and arguments.

  • Custom config can be defined: command aliases, modules. automatically run at connection, etc.

  • Open interactive python shells with auto-completion on the all-in-memory remote python interpreter.

  • Interactive shells (cmd.exe, /bin/bash, etc) can be opened remotely.

    • Remote shells on Unix & Windows clients have a real tty with all keyboard signals working just like an SSH shell.
  • Execute PE executable remotely and from memory.

  • Generate payloads in various formats:

Format Architecture Short Name
Android Package x86 & ARMv7 apk
Linux Binary x86 lin_x86
Linux Binary x64 lin_x64
Linux Shared Object x86 so_x86
Linux Shared Object x64 so_x64
Windows PE Executable x86 exe_x86
Windows PE Executable x64 exe_x64
Windows DLL x86 dll_x86
Windows DLL x64 dll_x64
Python Script x86 & x64 py
PyInstaller x86 & x64 pyinst
Python Oneliner x86 & x64 py_oneliner
Powershell x86 & x64 ps1
Powershell Oneliner x86 & x64 ps1_oneliner
Ducky Script N/A rubber_ducky
  • Deploy in memory from a single command line using python or powershell one-liners.

  • Embed "scriptlets" in generated payloads to perform some tasks "offline" without needing network connectivity (ex: start keylogger, add persistence, execute custom python script, check_vm, etc.)

  • Multiple Target Platforms:

Platform Support Status
Windows XP Supported
Windows 7 Supported
Windows 8 Supported
Windows 10 Supported
Linux Supported
Mac OSX Limited Support
Android Limited Support

Documentation

All documentation can be found on the wiki.

Refer to the wiki

FAQ

Does the server work on windows?

Pupy has not been tested on Windows. Theoretically, it should work on any platform that supports Docker and Docker Compose. However, you will need to adapt the Docker Compose installation instructions for the Windows platform.

I can't install Pupy. The installation fails.

  1. Please refer to the wiki. It is possible that your answer is there.
  2. Search the Github issues and see if your issue was already solved.
  3. If you issue was not solved, open a new issue following the issue guidelines.

If you do not follow these steps, you issue will be closed.

Android and/or Mac OSX payloads and modules don't work.

Pupy has limited support for Android and OSX. These platforms may not be well maintained and may break intermittently. Some modules (i.e. keylogger) may be missing for these platforms.

Development

If some of you want to participate to pupy development, don't hesitate! All help is greatly appreciated and all pull requests will be reviewed.

Also there is small note about development. Please run flake8 before doing any commits. File with config is here.

Contact

Platform Contact Info
Email [email protected]
Twitter https://twitter.com/n1nj4sec

This project is a personal development, please respect its philosophy and don't use it for evil purposes!

Special thanks

Special thanks to all contributors that help improve pupy and make it a better tool! :)

Comments
  • Pupy docker architecture

    Pupy docker architecture

    This is not an issue, it is a reference for the correct way to implement things for the docker install of pupy.

    In #643, I brought up the issue of using SSH to access the docker container. This is inefficient and runs contrary to Docker's design philosophy of "one app per container". I propose removing all references to access via SSH, including pupyenv.sh.

    There are some other general guidelines that I will outline below. Assuming I can eventually get docker to build without crashing (#645), I will implement these myself.

    Docker should be set up via Docker Compose by default for all supported systems. The Debian 9 installation option should be supported, but not recommended. The Docker Compose installation should be transparent to the end user as well; someone with no prior docker experience should be able to use it without trouble.

    The installation procedure should go as follows:

    1. Git clone the repo.
    2. Execute the installer script from an install of either Debian Stable or Kali Rolling
    3. Once the install has finished, a wrapper script can be used to run docker compose up, i.e. via a hypothetical pupy_start.sh.

    The technical workings of the installation should be as follows:

    (Note: All of this will be automated by the installer script. The end user will not need to do any of this.)

    1. Docker should be installed via the get.docker.com script on D9, or via the method described here for Kali. I tested the latter last month.

    2. Docker Compose should be installed via this method.

    3. The pupy server should be launched from the docker-compose.yml file, with all relevant directories in the container mounted as local folders.

      • /opt/pupy/output:./output
      • /opt/pupy/conf:./conf
    opened by Strazzom 32
  • Abstract/Modular-ize the communication channel

    Abstract/Modular-ize the communication channel

    Not sure how to phrase this, but it would be perhaps interesting to make the communication channel modular, so that you can have whatever communication channel you can think of implemented (DNS, ICMP, UDP, etc), so long as it passes a functioning filedescriptor for a socket object back to the main implant/client.

    This way modules can be written for C&C channels over say, UDP, DNS, ICMP... etc.

    feature 
    opened by 0x27 27
  • Create new repo with alxchk as maintainer.

    Create new repo with alxchk as maintainer.

    @alxchk Given that the main project seems to be abandoned, I suggest duplicating the repository and renaming it to something indicative of progression (i.e. "pupy2"), and make yourself the official maintainer. You are basically filling that role anyway, so at this point it is just a matter of formality.

    It is difficult for newcomers to figure out which is the most up to date branch of the project, creating needless headache for everyone.

    As an aside, I would also recommend having two branches, (main and unstable) instead of just unstable, which is how you currently have it.

    What do you think?

    opened by Strazzom 25
  • tkinter support

    tkinter support

    I copied the lib-tk folder into the packages/all folder, but when i try to run a tkinter program it gives me this error:

    >>> execfile('C:/textedit.py')
    PupyPackageLoader: Error while loading package Tkinter (py) : No module named _tkinter, please install the python-tk package
    Traceback (most recent call last):
      File "<console>", line 1, in <module>
      File "C:/textedit.py", line 1, in <module>
        from Tkinter import *
      File "<string>", line 110, in load_module
    ImportError: No module named _tkinter, please install the python-tk package
    >>>
    

    Is there a way to make tkinter work?

    feature rejected 
    opened by Technoturnovers 21
  • Error in installation

    Error in installation

    When I install puppy, I have an error when using sudo git submodule update : Cloning into '/home/masxnz/pupy/client/sources-linux/linux-inject'... Cloning into '/home/masxnz/pupy/pupy/external/LaZagne'... Cloning into '/home/masxnz/pupy/pupy/external/impacket'... Cloning into '/home/masxnz/pupy/pupy/external/memorpy'... Cloning into '/home/masxnz/pupy/pupy/external/pywerview'... Cloning into '/home/masxnz/pupy/pupy/external/scapy'... Cloning into '/home/masxnz/pupy/pupy/external/winpty'... Cloning into '/home/masxnz/pupy/pupy/payload_templates'... Submodule path 'client/sources-linux/linux-inject': checked out 'ce6d7e4b1d6c06b2fb36548e23d62685a1f91209' error: no such remote ref 3135aefe986d2a411309022039b931f2a45936ea Fetched in submodule path 'pupy/external/LaZagne', but it did not contain 3135aefe986d2a411309022039b931f2a45936ea. Direct fetching of that commit failed.

    opened by pyx86 20
  • Please i need your help i am new to pupy

    Please i need your help i am new to pupy

    Hi everyone, i am new to pupy. i have followed pupy installation steps but whenever i run command ./pupygen.py i get this error message.

    root@ubuntu:~/pupy/pupy# ./pupygen.py

    Traceback (most recent call last): File "./pupygen.py", line 7, in from pupylib.utils.network import get_listener_ip, get_listener_port File "/root/pupy/pupy/pupylib/init.py", line 4, in from PupyService import * File "/root/pupy/pupy/pupylib/PupyService.py", line 27, in from pupylib.PupyCredentials import Credentials File "/root/pupy/pupy/pupylib/PupyCredentials.py", line 20, in from M2Crypto import X509, EVP, RSA, ASN1, BIO File "/usr/local/lib/python2.7/dist-packages/M2Crypto/init.py", line 26, in from M2Crypto import (ASN1, AuthCookie, BIO, BN, DH, DSA, EVP, Engine, Err, File "/usr/local/lib/python2.7/dist-packages/M2Crypto/ASN1.py", line 15, in from M2Crypto import BIO, m2, util File "/usr/local/lib/python2.7/dist-packages/M2Crypto/BIO.py", line 10, in from M2Crypto import m2, util File "/usr/local/lib/python2.7/dist-packages/M2Crypto/util.py", line 20, in from typing import AnyStr, Tuple, Union # noqa ImportError: No module named typing

    please i need help or am i missing something with configuration?

    opened by kelvin2185 16
  • UTF 8 code/Unicode Support

    UTF 8 code/Unicode Support

    Hi guy, I tried to make some Chinese (Traditional and Simplified) folders and files into target computer. It's shown as below screen. image

    How can display any language? Such as Chinese, Japanese...etc

    opened by LAzyFrAAnk 16
  • Something went wrong since last commit

    Something went wrong since last commit

    I have sync my fork to the last commit and downloaded new binaries. However, I do not manage to get a reverse shell (I have tested it on Linux and Windows).

    When I generate a linux binary, the binary is created but I have two lines in red (Required credentials and the line with "SSL_BIND_CERT, SSL_CA_CERT"). And no connection is made when I launch the binary:

    ./pupygen.py -f client -A x64 -O linux connect --host 192.168.142.163:1234
    [+] Generate client: linux/x64
    [C] launcher: connect
    [C] launcher_args: ['--host', '192.168.142.163:1234']
    [C] offline_script: 
    [+] Required credentials:
    [+] SSL_BIND_CERT, SSL_CA_CERT, SSL_CLIENT_CERT, SSL_BIND_KEY, SSL_CLIENT_KEY
    [+] OUTPUT_PATH = /tmp/pupyx64.mIsHAJ.lin
    [+] SCRIPTLETS = []
    [+] DEBUG = False
    

    Moreover, when I generate a python payload, I have some errors:

    sudo ./pupygen.py -f py connect --host 192.168.142.163:1234
    WARNING:root:Error with GnomeKeyring get_pass : Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
    [I] use_gnome_keyring is true, the password will be stored in the Gnome-Keyring
    [I] Credentials password: 
    WARNING:root:Error with GnomeKeyring store_pass : Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
    ERROR:root:bad decrypt pad (123)
    Traceback (most recent call last):
      File "./pupygen.py", line 545, in <module>
        pupygen(parser.parse_args(), config)
      File "./pupygen.py", line 483, in pupygen
        packed_payload=pack_py_payload(get_raw_conf(conf))
      File "./pupygen.py", line 73, in get_raw_conf
        credentials = Credentials(role='client')
      File "/tmp/pupy/pupy/pupylib/PupyCredentials.py", line 206, in __init__
        encryptor.decrypt(StringIO(content), fcontent)
      File "/tmp/pupy/pupy/pupylib/PupyCredentials.py", line 162, in decrypt
        raise ValueError("bad decrypt pad (%d)" % padding_length)
    ValueError: bad decrypt pad (123)
    bad decrypt pad (123)
    

    I have tested to clone the project from @alxchk (and binaries too) and same problem with the connection (I didn't manage to get a reverse shell working). I could generate the python payload without errors this time but it didn't work.

    I don't understand as well, what is stored on the gnome keyring. I saw that a credentials password is required (at least on the @alxchk fork) but I didn't manage to reset it.

    So I don't know if something has been broken or if it's my pupy installation.

    opened by AlessandroZ 14
  • Command

    Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-1eZcb4/pyautogui/ Error

    I am using Linux Kali and I am getting Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-1eZcb4/pyautogui/ this error when I write pip install -r pupy/requirements.txt please help.

    Thank you.

    opened by doruktorun 13
  • Creds output

    Creds output

    I have changed the creds output to have a humain readable output. Now, it is possible to search into passwords (word could be "hash", "plaintext", an uid, or anything that could be in the login, the password / hash, or the url). creds -s <word>

    To retrieve creds by host creds --sort

    opened by AlessandroZ 13
  • Module interactive_shell error

    Module interactive_shell error

    This is the server side error message:

    [!] Load winpty failed: Exception: No module named security
    [!] Error loading package winpty (winpty.pyo pkg=False) : No module named security Traceback (most recent call last):
    ImportError: No module named security
    [!] Load ptyshell failed: Exception: No module named security
    [!] Error loading package ptyshell (ptyshell.pyo pkg=False) : No module named security Traceback (most recent call last):
    ImportError: No module named security
    2019-03-12 12:06:10,970| No module named security
    
    ========= Remote Traceback (1) =========
    Traceback (most recent call last):
    ImportError: No module named security
    Traceback (most recent call last):
      File "/home/ubuntu/tools/pupy_new/pupy/pupy/pupylib/PupyJob.py", line 164, in module_worker
        module.run(self.args)
      File "/home/ubuntu/tools/pupy_new/pupy/pupy/modules/interactive_shell.py", line 72, in run
        acquire_shell = self.client.remote('ptyshell', 'acquire', False)
      File "/home/ubuntu/tools/pupy_new/pupy/pupy/pupylib/PupyClient.py", line 234, in remote
        remote_module = getattr(self.conn.modules, module)
      File "/home/ubuntu/tools/pupy_new/pupy/pupyw/local/lib/python2.7/site-packages/rpyc/core/netref.py", line 151, in __getattribute__
        return syncreq(self, consts.HANDLE_GETATTR, name)
      File "/home/ubuntu/tools/pupy_new/pupy/pupyw/local/lib/python2.7/site-packages/rpyc/core/netref.py", line 72, in syncreq
        return conn.sync_request(handler, oid, *args)
      File "/home/ubuntu/tools/pupy_new/pupy/pupy/network/lib/connection.py", line 387, in sync_request
        raise obj
    ImportError: No module named security
    
    ========= Remote Traceback (1) =========
    Traceback (most recent call last):
    ImportError: No module named security
    
    [-] No module named security
    
    ========= Remote Traceback (1) =========
    Traceback (most recent call last):
    ImportError: No module named security
    
    

    This is the client side error message:

    2019-03-12 12:19:12,967| Adding files: ['ptyshell.pyo', 'winpty.pyo']
    2019-03-12 12:19:12,967| stream: send=12
    2019-03-12 12:19:12,967| Wait for task to be queued(SyncQueue Dispatcher)
    2019-03-12 12:19:13,016| Dispatch(PC:conn1) - data (29)
    2019-03-12 12:19:13,016| Processing message request, type(PC:conn1): 4 seq: 64 - started
    2019-03-12 12:19:13,016| Queue task
    2019-03-12 12:19:13,017| Task queued
    2019-03-12 12:19:13,017| Task acquired(SyncQueue Dispatcher)
    2019-03-12 12:19:13,019| Find module: ptyshell/None/False
    2019-03-12 12:19:13,020| [L] find_module(ptyshell,None) in ['ptyshell.pyo'])
    2019-03-12 12:19:13,022| ptyshell found in "ptyshell.pyo" / size = 3781
    2019-03-12 12:19:13,022| --> Loading ptyshell (ptyshell.pyo) package=False
    2019-03-12 12:19:13,023| [L] ptyshell remove ptyshell.pyo from bundle / count = 308
    2019-03-12 12:19:13,028| loading module ptyshell
    2019-03-12 12:19:13,028| Load ptyshell from marshalled file (pyo)
    2019-03-12 12:19:13,029| Find module: winpty/None/False
    2019-03-12 12:19:13,029| [L] find_module(winpty,None) in ['winpty.pyo'])
    2019-03-12 12:19:13,029| winpty found in "winpty.pyo" / size = 7240
    2019-03-12 12:19:13,029| --> Loading winpty (winpty.pyo) package=False
    2019-03-12 12:19:13,029| [L] winpty remove winpty.pyo from bundle / count = 307
    2019-03-12 12:19:13,035| loading module winpty
    2019-03-12 12:19:13,035| Load winpty from marshalled file (pyo)
    2019-03-12 12:19:13,036| Find module: pupwinutils.security/None/False
    2019-03-12 12:19:13,036| [L] find_module(pupwinutils.security,None) in [])
    2019-03-12 12:19:13,036| pupwinutils.security not found in []: not in 0 files
    2019-03-12 12:19:13,040| Async request(PC:conn1): 6
    2019-03-12 12:19:13,040| stream: send=91
    2019-03-12 12:19:13,042| Call remote_print_error() - error loading package winpty - start
    2019-03-12 12:19:13,043| Async request(PC:conn1): 7
    2019-03-12 12:19:13,043| stream: send=297
    2019-03-12 12:19:13,043| Call remote_print_error() - error loading package winpty - complete
    2019-03-12 12:19:13,048| Async request(PC:conn1): 8
    2019-03-12 12:19:13,049| stream: send=93
    2019-03-12 12:19:13,049| Call remote_print_error() - error loading package ptyshell - start
    2019-03-12 12:19:13,049| Async request(PC:conn1): 9
    2019-03-12 12:19:13,049| stream: send=409
    2019-03-12 12:19:13,051| Call remote_print_error() - error loading package ptyshell - complete
    
    
    

    Is this a bug of client? Maybe it is about the privilege of client. I tried to run interactive_shell with System privilege and succeeded. But High privilege did not work.

    opened by baka9moe 12
  • SyntaxError // line 221

    SyntaxError // line 221

    File "/pupy/pupy/./pupygen.py", line 221 os.chmod(os.path.join(root, dir), 0700) ^ SyntaxError: leading zeros in decimal integer literals are not permitted; use an 0o prefix for octal integers

    opened by userCJ35 0
  • tqdm not found, nextgen

    tqdm not found, nextgen

    At running 'pupysh'

     from tqdm.auto import tqdm
    ModuleNotFoundError: No module named 'tqdm'
    

    running pip install via exact version

    root@base:~# python3.8 -m pip install tqdm
    Requirement already satisfied: tqdm in /usr/local/lib/python3.8/dist-packages (4.64.1)
    
    opened by bntr00t 0
  • The NextGen branch should be merged with with the master branch

    The NextGen branch should be merged with with the master branch

    Hi,

    When I knew the existence of the nextgen branch, I hurried up to test it and it worked marvelously :smile: thanks to pipx.

    Can you merge "nextgen" to "master" so it can be the default branch, and publish it on pypi when possible ? so it'll be easy to install in just one easy short pipx install pupy

    What do you think ?

    opened by ghost 7
  • Module does not support interrupts. Resources may leak!

    Module does not support interrupts. Resources may leak!

    In the target machine, It cause the. "Module does not support interrupts. Resources may leak!" which will cause the reason, Is there any reson will cause not support Module does not support interrupts. Resources may leak!

    opened by SuperXiaoxiong 0
Owner
null
A windows post exploitation tool that contains a lot of features for information gathering and more.

Crowbar - A windows post exploitation tool Status - ✔️ This project is now considered finished. Any updates from now on will most likely be new script

null 29 Nov 20, 2022
Crowbar - A windows post exploitation tool

Crowbar - A windows post exploitation tool Status - ✔️ This project is now considered finished. Any updates from now on will most likely be new script

null 29 Nov 20, 2022
Jolokia Exploitation Toolkit (JET) helps exploitation of exposed jolokia endpoints.

jolokia-exploitation-toolkit Jolokia Exploitation Toolkit (JET) helps exploitation of exposed jolokia endpoints. Core concept Jolokia is a protocol br

Laluka 194 Jan 1, 2023
this keylogger is only for pc not for android but it will only work on those pc who have python installed it is made for all linux,windows and macos

Keylogger this keylogger is only for pc not for android but it will only work on those pc who have python installed it is made for all linux,windows a

Titan_Exodous 1 Nov 4, 2021
An open-source post-exploitation framework for students, researchers and developers.

Questions? Join the Discord support server Disclaimer: This project should be used for authorized testing or educational purposes only. BYOB is an ope

dvm 8.1k Dec 31, 2022
Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, downloads, history, and more.

ChromePE [Linux/Windows] Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, download

Finn Lancaster 3 Oct 5, 2022
Proof-of-concept obfuscation toolkit for C# post-exploitation tools

InvisibilityCloak Proof-of-concept obfuscation toolkit for C# post-exploitation tools. This will perform the below actions for a C# visual studio proj

null 259 Dec 19, 2022
Web3 Pancakeswap Sniper & honeypot detector Take Profit/StopLose bot written in python3, For ANDROID WIN MAC & LINUX

?? Pancakeswap BSC Sniper Bot web3 with honeypot detector (ANDROID WINDOWS MAC LINUX) ?? ⭐️ ⭐️ ⭐️ First SNIPER BOT for ANDROID & WINDOWS with honeypot

Mayank 12 Jan 7, 2023
A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask.

PWInput A cross-platform Python module that displays **** for password input. Works on Windows, unlike getpass. Formerly called stdiomask. Installatio

Al Sweigart 26 Sep 4, 2022
CamOver is a camera exploitation tool that allows to disclosure network camera admin password.

CamOver is a camera exploitation tool that allows to disclosure network camera admin password. Features Exploits vulnerabilities in most popul

EntySec 247 Jan 2, 2023
neo Tool is great one in binary exploitation topic

neo Tool is great one in binary exploitation topic. instead of doing several missions by many tools and windows, you can now automate this in one tool in one session.. Enjoy it

Hamza Elansari 4 Oct 10, 2022
OpenSource Poc && Vulnerable-Target Storage Box.

reapoc OpenSource Poc && Vulnerable-Target Storage Box. We are aming to collect different normalized poc and the vulerable target to verify it. Now re

cckuailong 560 Dec 23, 2022
This is a keylogger in python for Windows, Mac and Linux!

Python-Keylogger This is a keylogger in python for Windows, Mac and Linux! #How to use it by downloading the zip file? Download the zip file first The

Zeus_Dxvxm 2 Nov 12, 2021
pybotnet - A Python Library for building Botnet , Trojan or BackDoor for windows and linux with Telegram control panel

pybotnet A Python Library for building botnet , trojan or backdoor for windows and linux with Telegram control panel Disclaimer: Please note that this

</oNion 181 Jan 2, 2023
A collection of intelligence about Log4Shell and its exploitation activity

Log4Shell-IOCs Members of the Curated Intelligence Trust Group have compiled a list of IOC feeds and threat reports focused on the recent Log4Shell ex

Curated Intel 172 Nov 17, 2022
Salesforce Recon and Exploitation Toolkit

Salesforce Recon and Exploitation Toolkit Salesforce Recon and Exploitation Toolkit Usage python3 main.py <URL> References Announcement Blog - https:/

null 81 Dec 23, 2022
VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit

Vortex VPN Overall Reconnaissance, Testing, Enumeration and Exploitation Toolkit Overview A very simple Python framework, inspired by SprayingToolkit,

null 315 Dec 28, 2022
Windows Virus who destroy some impotants files on C:\windows\system32\

psychic-robot Windows Virus who destroy some importants files on C:\windows\system32\ Signatures of psychic-robot.PY (python file) : Bkav Pro : ASP.We

H-Tech-Dev36 1 Jan 6, 2022
SSRF search vulnerabilities exploitation extended.

This tool search for SSRF using predefined settings in different parts of a request (path, host, headers, post and get parameters).

Andri Wahyudi 13 Jul 4, 2021