A set of tools for Web Exploitation

These details have not been verified by PyPI

Project description

webXtools

A wouldbe toolset for web exploitation and other general tools used in CTFs.

To install

pip3 install webXtools

Usage

Bruteforce

A multithreaded approach to generate strings

import webXtools
import hashlib
import string

# Find a string such that `hashlib.sha256("string".encode('utf-8')).hexdigest()[:5]` returns `3f6ac`


def check(string):
    if hashlib.sha256(string.encode('utf-8')).hexdigest()[:5] == "3f6a4":
        return True
    else:
        return False

# Returns the string that solves callback
print(webXtools.bruteforce(minLength=1, maxLength=4, charSet=string.ascii_letters+string.digits, noOfThreads=4, callback=check))

# Prints all the strings generated
webXtools.bruteforce(minLength=1, maxLength=4, charSet=string.ascii_letters+string.digits, noOfThreads=4, callback=print)


# bruteforceList
def doit(st):
    # something with the string 
    return False

webXtools.bruteforceList(stringList=[1, 2, 3, 4, 5, 6, 7, 8, 9, 10], noOfThreads=5, callback=doit)


# bruteforceFile
webXtools.bruteforceFile(file="./payloads.txt", noOfThreads=5, callback=check)

Race Condition

Test race condition in Web Applications

import webXtools

# 1
r = webXtools.race(url="https://google.com", numberOfRequests=100, threads=5)
## r has a list of all the responses


# 2
webXtools.race(url="http://vuln.com", cookies={"id":"evil"}, method="GET", headers={"iam":"admin"}, numberOfRequests=200, threads=10)


# 3
request = """POST /test/ HTTP/1.1
HOST: localhost:1337
Content-Type: application/JSON
Content-Length: 15

{"test":"data"}
"""
webXtools.race(url="http://localhost:1337", absoluteRequest=request, threads=5)

Project details

These details have not been verified by PyPI

Development Status
- 3 - Alpha
Intended Audience
- Developers
- Education
Operating System
Programming Language
- Python :: 3

Release history Release notifications | RSS feed

1.2.0

Dec 25, 2022

1.1.0

Oct 11, 2021

1.0.0

Aug 5, 2021

0.1.2

Aug 5, 2021

0.1.2b0 pre-release

Aug 5, 2021

0.1.1b0 pre-release

Aug 5, 2021

This version

0.1.0b0 pre-release

Aug 5, 2021

0.0.2b0 pre-release

Aug 3, 2021

0.0.2a0 pre-release

Aug 3, 2021

0.0.1a0 pre-release

Aug 3, 2021

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

webXtools-0.1.0b0.tar.gz (6.5 kB view details)

Uploaded Aug 5, 2021 Source

Built Distribution

webXtools-0.1.0b0-py3-none-any.whl (6.9 kB view details)

Uploaded Aug 5, 2021 Python 3

File details

Details for the file webXtools-0.1.0b0.tar.gz.

File metadata

Download URL: webXtools-0.1.0b0.tar.gz
Upload date: Aug 5, 2021
Size: 6.5 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/3.4.2 importlib_metadata/4.6.1 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.62.0 CPython/3.9.6

File hashes

Hashes for webXtools-0.1.0b0.tar.gz
Algorithm	Hash digest
SHA256	`30d33474e144e037662d8694673e454d65ea9a7996dfb006e6be730993aaf688`
MD5	`6fde85f7992eaa47f00e27fc2b39f719`
BLAKE2b-256	`68a8aaaa2ef5860a946f72cb33dcc05e911039493228be010e08a3e11391d125`

See more details on using hashes here.

Provenance

File details

Details for the file webXtools-0.1.0b0-py3-none-any.whl.

File metadata

Download URL: webXtools-0.1.0b0-py3-none-any.whl
Upload date: Aug 5, 2021
Size: 6.9 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/3.4.2 importlib_metadata/4.6.1 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.62.0 CPython/3.9.6

File hashes

Hashes for webXtools-0.1.0b0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`3fd9506bee06e848bfced3444a9ef12d19d78f9ddbcf5ac59a57d33e943734af`
MD5	`013d14cb66135beeaa820f482b715fa1`
BLAKE2b-256	`4dbd3a80a5ede829d85097628c6e6e1647ea482aa72209f7d509b1720c330023`