Panoptic is an open source penetration testing tool that automates the process of search and retrieval of content for common log and config files through path traversal vulnerabilities.
Clone or download
lightos Merge pull request #21 from esabear/master
Issue #20 for Windows environment
Latest commit df35a6c Sep 27, 2017
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
thirdparty Code revamp Mar 27, 2013
.gitattributes Lots of style changes Apr 5, 2013
.gitignore Lots of style changes Apr 5, 2013
LICENSE Update LICENSE Jan 7, 2015
README.md Changing vulnerability naming Jul 29, 2014
agents.txt Adding support for --user-agent and --random-agent Apr 1, 2013
cases.xml Implementation for an Issue #7 Jun 19, 2013
home.txt Updated home.txt Nov 6, 2014
panoptic.py Fix issues on Windows Sep 25, 2017
versions.ini New file added for Issue #7 Jun 19, 2013

README.md

Panoptic

Logo

Panoptic is an open source penetration testing tool that automates the process of search and retrieval of content for common log and config files through path traversal vulnerability. Official introductionary post can be found here. Also, you can find a sample run here.

Help Menu

Usage: panoptic.py --url TARGET [options]

Options:
  -h/--help             show this help message and exit
  -v/--verbose          display extra output information
  -u/--url=URL          set target URL
  -p/--param=PARAM      set parameter name to test for (e.g. "page")
  -d/--data=DATA        set data for HTTP POST request (e.g. "page=default")
  -t/--type=TYPE        set type of file to look for ("conf" or "log")
  -o/--os=OS            set filter name for OS (e.g. "*NIX")
  -s/--software=SOFT..  set filter name for software (e.g. "PHP")
  -c/--category=CATE..  set filter name for category (e.g. "FTP")
  -l/--list=GROUP       list available filters for group (e.g. "software")
  -a/--auto             avoid user interaction by using default options
  -w/--write-files      write content of retrieved files to output folder
  -x/--skip-parsing     skip special tests if *NIX passwd file is found
  --load=LISTFILE       load and try user provided list from a file
  --ignore-proxy        ignore system default HTTP proxy
  --proxy=PROXY         set proxy (e.g. "socks5://192.168.5.92")
  --user-agent=UA       set HTTP User-Agent header value
  --random-agent        choose random HTTP User-Agent header value
  --cookie=COOKIE       set HTTP Cookie header value (e.g. "sid=foobar")
  --header=HEADER       set a custom HTTP header (e.g. "Max-Forwards=10")
  --prefix=PREFIX       set prefix for file path (e.g. "../")
  --postfix=POSTFIX     set postfix for file path (e.g. "%00")
  --multiplier=MULTI..  set multiplication number for prefix (default: 1)
  --bad-string=STRING   set a string occurring when file is not found
  --replace-slash=RE..  set replacement for char / in paths (e.g. "/././")
  --threads=THREADS     set number of threads (default: 1)
  --update              update Panoptic from official repository

Examples

./panoptic.py --url "http://localhost/include.php?file=test.txt"
./panoptic.py --url "http://localhost/include.php?file=test.txt&id=1" --param file
./panoptic.py --url "http://localhost/include.php" --data "file=test.txt&id=1" --param file

./panoptic.py --list software
./panoptic.py --list category
./panoptic.py --list os

./panoptic.py -u "http://localhost/include.php?file=test.txt" --os Windows
./panoptic.py -u "http://localhost/include.php?file=test.txt" --software WAMP