A script that nobody asked for! Introducing an incredible tool for uncovering cache purge request vulnerability that don't even need pesky authentication. Enjoy the risk!
Usage
$ purge|Options:
| -U update this script
|
|Usage:
| purge subdomain.txt
| cat subdomain.txt | purge
| subfinder -d domain.TLD | purge
|
|if [ URL = PURGE'd ]; then [smash]
|else [pass] fi
$ cat subdomains.txt | purge
# OR
$ purge subdomains.txt
Installation
git clone https://github.com/synacktraa/purge.git && cd ./purge
sudo mv ./purge /usr/local/bin
cd .. && rm -rf "./purge"Dependencies
- curl
- jq