This tool scans URLs with injection parameters obtained via GoSpider and then automatically renders them in a browser, using Selenium and Firefox, to observe site behavior. Its primary goal is to capture paths and successfully execute vulnerabilities such as XSS, LFI, RCE and SQLi, among others. Captured data is generated, added to PoC reports, and analyzed via an OCR API. The tool also supports cookie management: cookies are extracted through a Chrome extension and should be saved in a .json file. Injections can be performed using both GET and POST methods, and payloads can also be injected into request headers (User-Agent, etc.). The tool can run autonomously, notifying us through a configured Telegram bot with an alert containing the detected vulnerability, the successful payload, and a screenshot.
GitHub - MammaniNelsonD/P4IvisualInyect: A tool 🔍 for bug hunters that scans URLs with injection parameters obtained with GoSpider, automating tests visually in Firefox. Detects XSS, LFI, RCE and SQLi ⚠️, injecting payloads via GET and POST