
Panoptic is an open source penetration testing tool that automates the process of search and retrieval of content for common log and config files through path traversal vulnerabilities.

Results 10 Panoptic issues

This allows a user to create a symlink in the path and be able to execute it from any directory.

Hi! Any intention to make this project compatible with Python ver 3?

```
user@hive ~/Tools/Panoptic $ python -V
Python 3.8.7
user@hive ~/Tools/Panoptic $ python panoptic.py
File "panoptic.py", line 859...
```

enhancement

Hi, I got this error while trying to run ./panoptic.py. The page contains a self-signed certificate.

```
./panoptic.py -v -u https://10.11.1.35/section.php?page=bobdoc
.-',--.`-.
`-`=='-'
Panoptic v0.1-df35a6c (https://github.com/lightos/Panoptic/)
[i] Starting scan...
```

#### After running `panoptic.py --url "http://localhost/apps/pbcs.dll/article?url=test"`

#### I received the following output

```
Panoptic v0.1 (https://github.com/lightos/Panoptic/)
[i] Starting scan at: 00:02:47
[i] Checking original response...
[i] Checking invalid response...
[i]...
```

Attempting to run the `--random-agent` flag as such `panoptic.py -u "http://localhost:80/apps/pbcs.dll/misc?url=test" --verbose --random-agent` results in the following

```
Panoptic v0.1 (https://github.com/lightos/Panoptic/)
[i] Starting scan at: 01:55:21
[i] Checking original...
```

Add support for URLs that include the path traversal in a semantic URL (https://en.wikipedia.org/wiki/Semantic_URL). For example, instead of:

http://www.example.com/file.php?x=/etc/passwd

A semantic URL may include the path traversal in the following...

enhancement

https://github.com/lightos/Panoptic/issues/15

Support for base64 encoding of specific payload values in the query string. Values must be base64 encoded and stripped of any padding before the string gets url encoded.

When searching for certain file paths, the version of the software is required. One example is JBOSS, whose folder structure is like:

JBOSS_HOME\server\default\conf\
JBOSS_HOME\server\default\log\

enhancement