Asynchronous path traversal mutation fuzzer
Project description
An asynchronous path traversal fuzzer for discovering and testing path traversal vulnerabilities in web applications.
Ptmap
ptmap is a powerful command-line tool designed for security professionals and penetration testers to identify path traversal vulnerabilities through intelligent payload generation and fuzzing. Built with Python 3.10+, it leverages async/await patterns for high-performance concurrent testing across multiple targets.
Features
- 🚀 Asynchronous Fuzzing: Concurrent worker threads for efficient vulnerability testing
- 🎯 Multiple Input Methods: Direct URLs, file-based target lists, or piped input
- 🧬 Flexible Payload Generation: Built-in and custom payload mutators
- 🔧 Configurable Traversal: Adjustable depth and payload size parameters
- 🛡️ Multi-Platform Support: Optimized payloads for Linux and Windows targets
- 📊 Rich CLI Output: Beautiful terminal output with real-time results
Installation
pip install ptmap
Requirements:
- Python 3.10+
- aiohttp >= 3.9.0
- rich >= 13.0.0
- typer >= 0.12.0
- pyfiglet >= 1.0.0
Quick Start
Basic Usage
# Test a single URL
ptmap https://site.com/page?file=img.png
# Test multiple targets from a file
ptmap urls.txt
# Pipe targets from another tool
cat urls.txt | ptmap
katana https://example.com | ptmap
Usage Guide
Command Syntax
Usage: ptmap [OPTIONS] [TARGET]
Arguments:
[TARGET] Target URL or file containing newline-separated target URLs
(e.g.: https://example.com:8080 or targets.txt)
Options
| Option | Short | Type | Default | Description |
|---|---|---|---|---|
--custom-payloads |
-cp |
TEXT | - | Path to a custom payload file. If omitted, built-in payload generation is used |
--size |
-s |
INTEGER | - | Request payload size |
--threads |
-t |
INTEGER | 10 | Number of concurrent worker threads |
--max-depth |
-md |
INTEGER | 10 | Maximum traversal depth for payload generation |
--platform |
-pf |
linux|windows | linux | Target operating system |
--payloads |
-p |
TEXT | traverse,urlencode | Comma-separated list of payload mutators |
--help |
- | - | - | Show help message |
Available Payload Mutators
traverse: Basic path traversal patternsurlencode: URL encoding mutationsdouble_urlencode: Double URL encodingoverlong_utf8: UTF-8 encoding variationsnested_slashes: Nested slash patternsencode_dots: Dot encoding mutationsnullbyte: Null byte injectiondirect_path: Direct path patternsall: Enable all available mutators
Input Methods
| Method | Example | Description |
|---|---|---|
| Direct URL | ptmap https://site.com/page?file=img.png |
Test a single target URL |
| File Input | ptmap urls.txt |
Test targets from a newline-separated file |
| Piped Input | cat urls.txt | ptmap |
Receive targets from stdin |
| Piped Tools | katana https://example.com | ptmap |
Integrate with other security tools |
Examples
Basic Path Traversal Test
ptmap https://vulnerable-site.com/download?file=document.pdf
Advanced Fuzzing with Custom Settings
ptmap targets.txt \
--threads 20 \
--max-depth 15 \
--payloads all \
--platform windows
Using Custom Payloads
ptmap https://example.com \
--custom-payloads custom_payloads.txt \
--threads 15
Integration with Reconnaissance Tools
# Find endpoints with katana, then fuzz with ptmap
katana -u https://example.com -d 3 | ptmap --threads 25
# Combine with URL filtering
cat urls.txt | grep "/download" | ptmap --payloads all
Targeting Windows Systems
ptmap windows_targets.txt \
--platform windows \
--max-depth 12
Configuration
Custom Payload File Format
Create a custom payload file with newline-separated payloads:
../../../etc/passwd
..\\..\\..\\windows\\system32\\config\\sam
%2e%2e%2f%2e%2e%2fetc%2fpasswd
Requirements
- Python: 3.10 or higher
- aiohttp: Asynchronous HTTP client library
- rich: Terminal output formatting
- typer: CLI framework
- pyfiglet: ASCII art generation
License
This project is licensed under the GNU General Public License v3 (GPLv3) - see the LICENSE file for details.
Author
AmianDevSec
Email: amiandevsec@gmail.com
Support & Community
If you find ptmap helpful in your security research, consider supporting the project:
- ⭐ Star the repository on GitHub to show appreciation
- 🐛 Report bugs and suggest features via GitHub Issues
- 🔀 Contribute improvements through pull requests
- 📝 Share feedback and use cases with the community
- 💬 Engage in discussions to help improve the tool
Your feedback and contributions help make ptmap better for everyone!
Disclaimer: This tool is intended for authorized security testing and educational purposes only. Unauthorized access to computer systems is illegal. Always obtain proper authorization before testing.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file ptmap-1.1.0.tar.gz.
File metadata
- Download URL: ptmap-1.1.0.tar.gz
- Upload date:
- Size: 50.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3d35a42de384db5360074ba6b79247282909137699edbc6000f217402912b93c
|
|
| MD5 |
e280e232c08f9bcb161754b292256517
|
|
| BLAKE2b-256 |
f5e6c035f311a728f35692440a66bb08172821bcc2c22d73df7303c3e45ea5a6
|
Provenance
The following attestation bundles were made for ptmap-1.1.0.tar.gz:
Publisher:
python-publish.yml on AmianDevSec/ptmap
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
ptmap-1.1.0.tar.gz -
Subject digest:
3d35a42de384db5360074ba6b79247282909137699edbc6000f217402912b93c - Sigstore transparency entry: 1644576965
- Sigstore integration time:
-
Permalink:
AmianDevSec/ptmap@15d91c87925955663a5f5959b210778f2f1b3b14 -
Branch / Tag:
refs/tags/v1.1.0 - Owner: https://github.com/AmianDevSec
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
python-publish.yml@15d91c87925955663a5f5959b210778f2f1b3b14 -
Trigger Event:
release
-
Statement type:
File details
Details for the file ptmap-1.1.0-py3-none-any.whl.
File metadata
- Download URL: ptmap-1.1.0-py3-none-any.whl
- Upload date:
- Size: 38.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ffcd29d13a8b9a96efd39dff95014133bfd2dc761b83230d4a20748e4b8ae979
|
|
| MD5 |
dbcc47e9e9ffc757d922aef31fa730d3
|
|
| BLAKE2b-256 |
eb35f514da44062e8fe54b09338ce983adeb0b66888b2d55bc887347ae3c013b
|
Provenance
The following attestation bundles were made for ptmap-1.1.0-py3-none-any.whl:
Publisher:
python-publish.yml on AmianDevSec/ptmap
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
ptmap-1.1.0-py3-none-any.whl -
Subject digest:
ffcd29d13a8b9a96efd39dff95014133bfd2dc761b83230d4a20748e4b8ae979 - Sigstore transparency entry: 1644577541
- Sigstore integration time:
-
Permalink:
AmianDevSec/ptmap@15d91c87925955663a5f5959b210778f2f1b3b14 -
Branch / Tag:
refs/tags/v1.1.0 - Owner: https://github.com/AmianDevSec
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
python-publish.yml@15d91c87925955663a5f5959b210778f2f1b3b14 -
Trigger Event:
release
-
Statement type: