上传   管理   搜索   留言
Pudn.com > 下载中心  > 系统/网络安全  > WebSecurity-Academy-with-Python
WebSecurity-Academy-with-Python
python penetration-testing security scripting web-security 
去下载(0) 赞(12) 踩(0) 评论(0) 收藏(0)
所属分类:系统/网络安全
开发工具:Python
文件大小:0KB
下载次数:0
上传日期:2023-09-28 15:50:06
上 传 者sh-1993
说明:  该存储库包含使用Python编程语言解决PortSwiger公司WebSecurity Academy实验室的脚本,
(This repository contains scripts for solving WebSecurity Academy labs of PortSwigger company using the Python programming language,)
文件列表:
API testing/ (0, 2024-01-06)
API testing/Exploiting a mass assignment vulnerability/ (0, 2024-01-06)
API testing/Exploiting a mass assignment vulnerability/main.py (2253, 2024-01-06)
API testing/Exploiting an API endpoint using documentation/ (0, 2024-01-06)
API testing/Exploiting an API endpoint using documentation/main.py (2375, 2024-01-06)
API testing/Exploiting server-side parameter pollution in a REST URL/ (0, 2024-01-06)
API testing/Exploiting server-side parameter pollution in a REST URL/main.py (3502, 2024-01-06)
API testing/Exploiting server-side parameter pollution in a query string/ (0, 2024-01-06)
API testing/Exploiting server-side parameter pollution in a query string/main.py (3456, 2024-01-06)
API testing/Finding and exploiting an unused API endpoint/ (0, 2024-01-06)
API testing/Finding and exploiting an unused API endpoint/main.py (3557, 2024-01-06)
Access control vulnerabilities/ (0, 2024-01-06)
Access control vulnerabilities/Insecure direct object references/ (0, 2024-01-06)
Access control vulnerabilities/Insecure direct object references/main.py (2468, 2024-01-06)
Access control vulnerabilities/Method-based access control can be circumvented/ (0, 2024-01-06)
Access control vulnerabilities/Method-based access control can be circumvented/main.py (1646, 2024-01-06)
Access control vulnerabilities/Multi-step process with no access control on one step/ (0, 2024-01-06)
Access control vulnerabilities/Multi-step process with no access control on one step/main.py (1486, 2024-01-06)
Access control vulnerabilities/Referer-based access control/ (0, 2024-01-06)
Access control vulnerabilities/Referer-based access control/main.py (1692, 2024-01-06)
Access control vulnerabilities/URL-based access control can be circumvented/ (0, 2024-01-06)
Access control vulnerabilities/URL-based access control can be circumvented/main.py (1101, 2024-01-06)
Access control vulnerabilities/Unprotected admin functionality with unpredictable URL/ (0, 2024-01-06)
Access control vulnerabilities/Unprotected admin functionality with unpredictable URL/main.py (1618, 2024-01-06)
Access control vulnerabilities/Unprotected admin functionality/ (0, 2024-01-06)
... ...
![Static Badge](https://img.shields.io/badge/Developed%20on-GNU%20Linux-red) ![Static Badge](https://img.shields.io/badge/Python-v3.x-bright) ![Static Badge](https://img.shields.io/badge/License-GPLv3-yellow) ![Static Badge](https://img.shields.io/badge/Topics-17-red) ![Static Badge](https://img.shields.io/badge/Labs-151-blue) ![WebScurity Academy](./web-security-python.png) ## Disclaimer This repository is for educational purposes only, and I am not responsible for using any of the techniques described here for illegal usage. ## Using Burp Suite for Labs You can, of course, solve the labs using Burp Suite, but this repository is for those who want to take their scripting skills up to a higher level. This repository assumes that you already know how to solve the labs and want to solve them using scripts in order to practice writing robust ones. You may not find a detailed description of how the labs should be solved but you will find a detailed description of how the scripts were written. ## Trivial Labs There are some labs that you may find trivial in their solutions and don't necessarily require a script. In fact, solving them without a script might be faster and easier. I have only written scripts for these labs for the completeness of this repository. Feel free to skip them if you prefer. ## Error Handling Since this repository is intended for educational purposes and not for production, I have omitted some error handling, which I believe will not significantly impact your testing of the script. This decision represents a trade-off between addressing every possible scenario and prioritizing simplicity. ## Reporting Issues If you encounter any issues or have suggestions for improvement while working with these scripts, feel free to open an issue. Your feedback is valuable, and I appreciate your contributions to enhance the learning experience for everyone. ## Python Alternatives If your goal is to quickly write a script, then Python will be your best friend. However, if you prioritize efficiency, seeking faster runtime and script robustness, there are better options available than Python I recommend checking out the [WebSecurity Academy with Rust](https://github.com/elqal3awii/WebSecurity-Academy-with-Rust) repository in which I have solved the same labs using **Rust** in both single-threaded and multi-threaded programming approaches. ## Support & Star If you appreciate the work and find it valuable, please consider giving this repository a star. Your support is greatly appreciated and helps to showcase the popularity and significance of the project. Thank you for your interest and support!
近期下载者
相关文件
收藏者

© 联合开发网 from 2004 | 联系站长 | 湘ICP备2023001425号 | 网安备43010502000604 |