Added Vailyn Tool in new Category #71

Added Vailyn Tool in new Category
Added `Vailyn` (https://github.com/VainlyStrain/Vailyn) to a new Offensive category: **LFI & Path Traversal**

Vailyn is a tool to find Path Traversal & LFI vulnerabilities, and to exploit them. It uses a number of evasive payloads & techniques, and covers multiple attack vectors (query, path, cookie, POST data). Also, it provides a crawler for automation, a possibility to give an authentication cookie if needed, and a GUI for easy interaction. To improve performance, it detects the vulnerability in a first phase, and only uses confirmed working payloads in the exploitation phase (instead of using every combination with every file path).

In general, the tool should be production ready; however, the newer reverse shell module is still in the testing phase.

In case it doesn't meet the quality standards, I'd highly value your feedback. I'd be glad to improve it in any way I can :)
VainlyStrain authored Sep 1, 2020
commit 15c2d553198cd260144e3bbcc36bcfef5b4dcd7c
6 changes: 6 additions & 0 deletions README.md
Expand Up @@ -98,6 +98,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [XXE](#tools-xxe)
- [CSRF](#tools-csrf)
- [SSRF](#tools-ssrf)
- [LFI & Path Traversal](#tools-lfi)
- [Detecting](#tools-detecting)
- [Preventing](#tools-preventing)
- [Proxy](#tools-proxy)
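Review bot: The TOC label on the added line, "LFI & Path Traversal", does not match the section heading this patch adds further down, "#### Path Traversal & Local File Inclusion". Use the same wording in both places, for example `- [Path Traversal & Local File Inclusion](#tools-lfi)`, so the contents entry and the section it links to carry the same name.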
Expand Down Expand Up @@ -705,6 +706,11 @@ If you enjoy this awesome list and would like to support it, check out my [Patre

- [Open redirect/SSRF payload generator](https://tools.intigriti.io/redirector/) - Open redirect/SSRF payload generator by [intigriti](https://www.intigriti.com/).

<a name="tools-lfi"></a>
#### Path Traversal & Local File Inclusion

- [Vailyn](https://github.com/VainlyStrain/Vailyn) - Evasive Path Traversal Detection and Exploitation Tool with Many Attack Vectors by [VainlyStrain](https://github.com/VainlyStrain)

<a name="tools-leaking"></a>
### Leaking

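Review bot: The Vailyn entry's description ends without a period, while the intigriti entry just above it in this hunk ends with one; add the trailing period to match. The description is also in Title Case ("Evasive Path Traversal Detection and Exploitation Tool with Many Attack Vectors"), which reads like a tagline next to the sentence-style description of the neighbouring entry; a sentence-case description that says what the tool checks would be more consistent with the list.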