Same Site Scripting Tester

These details have not been verified by PyPI

Project links

Homepage

Project description

penterepTools

PTSAMESITE

Same Site Scripting Testing Tool

ptsamesite is a tool for testing Same Site Scripting vulnerability. ptsamesite supports mass domain testing.

Script sends DNS "A" query to domain with 'localhost' as subdomain.
If DNS responds with IP '127.0.0.1', the record is prone to Same Site Scripting vulnerability.

Installation

pip install ptsamesite

Add to PATH

If you cannot invoke the script in your terminal, its probably because its not in your PATH. Fix it by running commands below.

echo "export PATH=\"`python3 -m site --user-base`/bin:\$PATH\"" >> ~/.bashrc
source ~/.bashrc

Usage examples

$ ptsamesite -d example.com
$ ptsamesite -d subdomain1.subdomain2.example.com -s
$ ptsamesite -d example.com example2.com
$ ptsamesite -f domain_list.txt

Options

-d  --domain      <domain>   Test domain
-f  --file        <file>     Test domains from file
-V  --vulnerable             Print only vulnerable domains
-s  --subdomains             Scan all subdomains of given domain
-t  --threads     <threads>  Number of threads (default 20)
-j  --json                   Output in JSON format
-v  --version                Show script version and exit
-h  --help                   Show this help message and exit

Dependencies

dnspython
tldextract
ptlibs
ptthreads

Version History

0.0.1 - 0.0.3
- Alpha releases

Licence

ptsamesite is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

ptsamesite is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with ptsamesite. If not, see https://www.gnu.org/licenses/.

Warning

You are only allowed to run the tool against the websites which you have been given permission to pentest. We do not accept any responsibility for any damage/harm that this application causes to your computer, or your network. Penterep is not responsible for any illegal or malicious use of this code. Be Ethical!

Project details

These details have not been verified by PyPI

Project links

Homepage

Release history Release notifications | RSS feed

1.0.3

May 28, 2024

1.0.2

May 9, 2024

1.0.1

May 6, 2024

1.0.0

Aug 7, 2023

0.0.4

Mar 28, 2022

This version

0.0.3

Sep 29, 2021

0.0.2

Sep 28, 2021

0.0.1

Sep 28, 2021

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distribution

ptsamesite-0.0.3-py3-none-any.whl (17.6 kB view details)

Uploaded Sep 29, 2021 Python 3

File details

Details for the file ptsamesite-0.0.3-py3-none-any.whl.

File metadata

Download URL: ptsamesite-0.0.3-py3-none-any.whl
Upload date: Sep 29, 2021
Size: 17.6 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/3.4.2 importlib_metadata/4.8.1 pkginfo/1.7.1 requests/2.22.0 requests-toolbelt/0.9.1 tqdm/4.62.2 CPython/3.8.10

File hashes

Hashes for ptsamesite-0.0.3-py3-none-any.whl
Algorithm	Hash digest
SHA256	`ba0c4c39a4e49bd42342755f9d3dfe937d84b5377a804e9e6714e7d191aeb5d6`
MD5	`e798e21d3ce1cbbc0009af86ab2590fd`
BLAKE2b-256	`d18675af48047e89972f658dbf73ec756e68321e960e36410e2ab394c123ce4c`