Giters

phor3nsic / vhospping

Vhost Hopping Or Abuse Proxy Pass

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool


Vhospping | Vhospping

Abuse of vhost hopping or proxy pass

What is this

Bypass access host with port filtred!

With Subdomains:

  • Enumerate target subdomains
  • Choose a target URL
  • Run vhospping using subdomains instead of wordlists:
▶ python3 vhospping.py -u https://example.com -s subdomains.txt -o output.txt

With Wordlist:

  • Choose a target URL
  • Run vhospping using wordlists:
▶ python3 vhospping.py -u https://example.com -w db/wordlist.txt -o output.txt

How it works

vhospint

Install

▶ git clone https://github.com/phor3nsic/vhospping.git

Help

▶ python3 vhospping.py -h

usage: vhospping.py [-h] [-u URL] [-uL URLLIST] [-d DOMAIN] [-w WORDLIST] [-s SUBDOMAINSLIST] [-p PROXY] -o OUTPUT

optional arguments:
  -h, --help            show this help message and exit
  -u URL, --url URL     Url
  -uL URLLIST, --urlList URLLIST
                        Url list mode
  -d DOMAIN, --domain DOMAIN
                        Force domain for header
  -w WORDLIST, --wordlist WORDLIST
                        Wordlist for hosts
  -s SUBDOMAINSLIST, --subdomainsList SUBDOMAINSLIST
                        Use subdomains for brute force
  -p PROXY, --proxy PROXY
                        Proxy url for debug Ex: http://127.0.0.1:8080
  -o OUTPUT, --output OUTPUT
                        Output for save

More

https://mobile.twitter.com/Bugcrowd/status/1372034980164014082/photo/1

Tags

fuzz proxy_pass vhost hopping

About

Vhost Hopping Or Abuse Proxy Pass

Languages

Language:Python 100.0%