A set of tools for Web Exploitation

These details have not been verified by PyPI

Project description

webXtools

A wouldbe toolset for web exploitation and other general tools used in CTFs.

To install

pip3 install webXtools

Usage

Bruteforce

A multithreaded approach to generate strings

import webXtools
import hashlib
import string

# Find a string such that `hashlib.sha256("string".encode('utf-8')).hexdigest()[:5]` returns `3f6ac`


def check(string):
    if hashlib.sha256(string.encode('utf-8')).hexdigest()[:5] == "3f6a4":
        return True
    else:
        return False

# Returns the string that solves callback
print(webXtools.bruteforce(minLength=1, maxLength=4, charSet=string.ascii_letters+string.digits, noOfThreads=4, callback=check))

# Prints all the strings generated
webXtools.bruteforce(minLength=1, maxLength=4, charSet=string.ascii_letters+string.digits, noOfThreads=4, callback=print)


# bruteforceList
def doit(st):
    # something with the string 
    return False

webXtools.bruteforceList(stringList=[1, 2, 3, 4, 5, 6, 7, 8, 9, 10], noOfThreads=5, callback=doit)


# bruteforceFile
webXtools.bruteforceFile(file="./payloads.txt", noOfThreads=5, callback=check)

Race Condition

Test race condition in Web Applications

import webXtools

# 1
r = webXtools.race(url="https://google.com", numberOfRequests=100, threads=5)
## r has a list of all the responses


# 2
webXtools.race(url="http://vuln.com", cookies={"id":"evil"}, method="GET", headers={"iam":"admin"}, numberOfRequests=200, threads=10)


# 3
request = """POST /test/ HTTP/1.1
HOST: localhost:1337
Content-Type: application/JSON
Content-Length: 15

{"test":"data"}
"""
webXtools.race(url="http://localhost:1337", absoluteRequest=request, threads=5)

Project details

These details have not been verified by PyPI

Development Status
- 3 - Alpha
Intended Audience
- Developers
- Education
Operating System
Programming Language
- Python :: 3

Release history Release notifications | RSS feed

1.2.0

Dec 25, 2022

1.1.0

Oct 11, 2021

1.0.0

Aug 5, 2021

This version

0.1.2

Aug 5, 2021

0.1.2b0 pre-release

Aug 5, 2021

0.1.1b0 pre-release

Aug 5, 2021

0.1.0b0 pre-release

Aug 5, 2021

0.0.2b0 pre-release

Aug 3, 2021

0.0.2a0 pre-release

Aug 3, 2021

0.0.1a0 pre-release

Aug 3, 2021

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

webXtools-0.1.2.tar.gz (6.3 kB view details)

Uploaded Aug 5, 2021 Source

Built Distribution

webXtools-0.1.2-py3-none-any.whl (6.7 kB view details)

Uploaded Aug 5, 2021 Python 3

File details

Details for the file webXtools-0.1.2.tar.gz.

File metadata

Download URL: webXtools-0.1.2.tar.gz
Upload date: Aug 5, 2021
Size: 6.3 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/3.4.2 importlib_metadata/4.6.1 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.62.0 CPython/3.9.6

File hashes

Hashes for webXtools-0.1.2.tar.gz
Algorithm	Hash digest
SHA256	`f66e7260f9c158728e7bc3ab2dc5a359d568d6788a2e1933dd43f5febd9019ec`
MD5	`a109713bd4991806ccec87a6b095df60`
BLAKE2b-256	`da440d9b127fe942a9054f2e3034d47e09e41c41d906e62e28f7ee4b784fbefd`

See more details on using hashes here.

Provenance

File details

Details for the file webXtools-0.1.2-py3-none-any.whl.

File metadata

Download URL: webXtools-0.1.2-py3-none-any.whl
Upload date: Aug 5, 2021
Size: 6.7 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/3.4.2 importlib_metadata/4.6.1 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.62.0 CPython/3.9.6

File hashes

Hashes for webXtools-0.1.2-py3-none-any.whl
Algorithm	Hash digest
SHA256	`ae9c2b3f062eb858df9948866066b1a4c713d8c3c00287f58451efab798793af`
MD5	`644044ff038bd9b9dda82ed14070e700`
BLAKE2b-256	`59b26b997f28493e86733ce595745b7b3284311cb8817722f8a6ca018d64bbce`