Endpoints Explorer
Endpoints Explorer is a Python script designed to discover sensitive endpoints by employing multiple bypass rules. It utilizes the aiohttp library to make asynchronous HTTP requests, allowing for highly concurrent scanning of endpoints for sensitive information. The script is capable of attempting various bypass rules and returns results as soon as sensitive information is detected.
Key Features:
- Asynchronous Scanning: Leverages asynchronous HTTP requests for efficient scanning.
- Multiple Bypass Rules: Implements various bypass techniques to uncover sensitive endpoints.
- Custom Headers Support: Allows users to inject custom headers during requests.
- Filtered Output: Provides options to filter results for similar content.
- Concurrency Control: Users can set the level of concurrency for scanning.
- Log Results: Saves scan results in a results.log file in the current directory.
Benefits:
- Efficient Security Testing: Quickly identifies potential vulnerabilities in web applications.
- User-Friendly: Simple command-line interface for ease of use.
- Flexible Configuration: Users can customize scanning parameters to suit their needs.
Usage:
To use the script, install the required third-party Python libraries (asyncio is part of the Python 3 standard library and needs no separate install):
pip install aiohttp colorama
Then run the script with:
python3 endpoints_explorer.py <base_url> <normal_paths_dict> <sensitive_files_dict> [-c <concurrency>] [-v] [-e]
Disclaimer:
This script is intended for lawful, authorized security testing activities only. Users are responsible for ensuring they have proper authorization before conducting scans.