A set of tools for Web Exploitation

These details have not been verified by PyPI

Project description

webXtools

A wouldbe toolset for web exploitation and other general tools used in CTFs.

To install

pip3 install webXtools

Usage

Bruteforce

A multithreaded approach to generate strings

import webXtools
import hashlib
import string

# Find a string such that `hashlib.sha256("string".encode('utf-8')).hexdigest()[:5]` returns `3f6ac`


def check(string):
    if hashlib.sha256(string.encode('utf-8')).hexdigest()[:5] == "3f6a4":
        return True
    else:
        return False

# Returns the string that solves callback
print(webXtools.bruteforce(minLength=1, maxLength=4, charSet=string.ascii_letters+string.digits, noOfThreads=4, callback=check))

# Prints all the strings generated
webXtools.bruteforce(minLength=1, maxLength=4, charSet=string.ascii_letters+string.digits, noOfThreads=4, callback=print)


# bruteforceList
def doit(st):
    # something with the string 
    return False

webXtools.bruteforceList(stringList=[1, 2, 3, 4, 5, 6, 7, 8, 9, 10], noOfThreads=5, callback=doit)


# bruteforceFile
webXtools.bruteforceFile(file="./payloads.txt", noOfThreads=5, callback=check)

Race Condition

Test race condition in Web Applications

import webXtools

# 1
r = webXtools.race(url="https://google.com", numberOfRequests=100, threads=5)
## r has a list of all the responses


# 2
webXtools.race(url="http://vuln.com", cookies={"id":"evil"}, method="GET", headers={"iam":"admin"}, numberOfRequests=200, threads=10)


# 3
request = """POST /test/ HTTP/1.1
HOST: localhost:1337
Content-Type: application/JSON
Content-Length: 15

{"test":"data"}
"""
webXtools.race(url="http://localhost:1337", absoluteRequest=request, threads=5)

Project details

These details have not been verified by PyPI

Development Status
- 3 - Alpha
Intended Audience
- Developers
- Education
Operating System
Programming Language
- Python :: 3

Release history Release notifications | RSS feed

1.2.0

Dec 25, 2022

1.1.0

Oct 11, 2021

1.0.0

Aug 5, 2021

0.1.2

Aug 5, 2021

0.1.2b0 pre-release

Aug 5, 2021

This version

0.1.1b0 pre-release

Aug 5, 2021

0.1.0b0 pre-release

Aug 5, 2021

0.0.2b0 pre-release

Aug 3, 2021

0.0.2a0 pre-release

Aug 3, 2021

0.0.1a0 pre-release

Aug 3, 2021

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

webXtools-0.1.1b0.tar.gz (6.5 kB view details)

Uploaded Aug 5, 2021 Source

Built Distribution

webXtools-0.1.1b0-py3-none-any.whl (6.9 kB view details)

Uploaded Aug 5, 2021 Python 3

File details

Details for the file webXtools-0.1.1b0.tar.gz.

File metadata

Download URL: webXtools-0.1.1b0.tar.gz
Upload date: Aug 5, 2021
Size: 6.5 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/3.4.2 importlib_metadata/4.6.1 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.62.0 CPython/3.9.6

File hashes

Hashes for webXtools-0.1.1b0.tar.gz
Algorithm	Hash digest
SHA256	`c9e62b4971ba022c578fb1bfaf2f22b13a213b3a4cd6f1f3509b07c606c81ef4`
MD5	`d809caae123b8c2d8e8dcb40f72a0405`
BLAKE2b-256	`22f60d2558a4ccba90c0b7a10f4c20f08a6d0b8679997740975c7bca1880b2f3`

See more details on using hashes here.

Provenance

File details

Details for the file webXtools-0.1.1b0-py3-none-any.whl.

File metadata

Download URL: webXtools-0.1.1b0-py3-none-any.whl
Upload date: Aug 5, 2021
Size: 6.9 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/3.4.2 importlib_metadata/4.6.1 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.62.0 CPython/3.9.6

File hashes

Hashes for webXtools-0.1.1b0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`78df7fb1735c39747639798c38a2b09fb5195d877bfcd4da1d8f421af6ba5e91`
MD5	`4d17bf530d1d2902e12371e731654cba`
BLAKE2b-256	`9aed45bf5dd1650333a657b8f97bf8ca56cfe90ffdd58452a50bc24957160a28`