open redirect subdomains scanner
Switch branches/tags
Nothing to show
Clone or download
Latest commit 1966eaf Oct 25, 2017
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README.md Update README.md Oct 25, 2017
payloads.list Add files via upload Oct 25, 2017
redirect.py Update redirect.py Oct 25, 2017

README.md

redirect.py

UPDATED! we add awesomes payloads list by https://github.com/cujanovic/Open-Redirect-Payloads

Open redirect Scanner by Ak1t4 - https://hackerone.com/ak1t4 (contributor(s): @sxcurity)

Use ./redirect.py [subdomains.file] [redirect-payload]

Example ./redirect.py uber.list '//yahoo.com/%2F..'

UPDATE: ((Now is not necessarily indicate the payload we replace we an entire payloads list)

this is pretty awesome, now you can run 1 only command who search all subdomains in 1 file and inject unlimited Payloads from payloads.list

Use example:

skynet-localhost:Sublist3r ak1t4_hax0r$ while read -r line;do python redirect.py.1 uber.list $line;done < payloads.list

Here is a new video PoC with the unlimited payloads -> https://youtu.be/hCWxb88do2I

This is the old video PoC -> https://www.youtube.com/watch?v=esMBWSO4RUU

Enjoy!

@ak1t4