{"id":13762729,"url":"https://github.com/edoardottt/pphack","last_synced_at":"2025-03-16T17:36:53.732Z","repository":{"id":220833789,"uuid":"750265020","full_name":"edoardottt/pphack","owner":"edoardottt","description":"The Most Advanced Client-Side Prototype Pollution Scanner","archived":false,"fork":false,"pushed_at":"2024-04-09T16:07:28.000Z","size":172,"stargazers_count":80,"open_issues_count":1,"forks_count":10,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-04-09T20:01:25.539Z","etag":null,"topics":["frontend-security","hacking","javascript-security","offensive-security","offensivesecurity","prototype-pollution","red-team","redteam-tools","redteaming","scanner-web","security","security-tools","web-scanner","web-sec-scanner","web-security","web-security-audit","web-security-research"],"latest_commit_sha":null,"homepage":"https://edoardottt.github.io/pp-test/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/edoardottt.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null},"funding":{"github":"edoardottt","liberapay":"edoardottt","patreon":"edoardottt","ko_fi":"edoardottt","open_collective":"edoardottt","custom":"https://www.paypal.me/edoardottt"}},"created_at":"2024-01-30T10:05:05.000Z","updated_at":"2024-04-15T07:59:19.773Z","dependencies_parsed_at":"2024-02-04T18:34:59.252Z","dependency_job_id":"b28813cc-b46f-412d-94b3-918da3cd1486","html_url":"https://github.com/edoardottt/pphack","commit_stats":null,"previous_names":["edoardottt/pphack"],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edoardottt%2Fpphack","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edoardottt%2Fpphack/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edoardottt%2Fpphack/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/edoardottt%2Fpphack/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/edoardottt","download_url":"https://codeload.github.com/edoardottt/pphack/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":219861781,"owners_count":16555986,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["frontend-security","hacking","javascript-security","offensive-security","offensivesecurity","prototype-pollution","red-team","redteam-tools","redteaming","scanner-web","security","security-tools","web-scanner","web-sec-scanner","web-security","web-security-audit","web-security-research"],"created_at":"2024-08-03T14:00:55.584Z","updated_at":"2025-03-16T17:36:53.723Z","avatar_url":"https://github.com/edoardottt.png","language":"Go","funding_links":["https://github.com/sponsors/edoardottt","https://liberapay.com/edoardottt","https://patreon.com/edoardottt","https://ko-fi.com/edoardottt","https://opencollective.com/edoardottt","https://www.paypal.me/edoardottt"],"categories":["Weapons","Go"],"sub_categories":["Tools"],"readme":"\u003ch1 align=\"center\"\u003e\n  pphack\n  \u003cbr\u003e\n\u003c/h1\u003e\n\n\u003ch4 align=\"center\"\u003eThe Most Advanced Client-Side Prototype Pollution Scanner\u003c/h4\u003e\n\n\u003ch6 align=\"center\"\u003e Coded with 💙 by edoardottt \u003c/h6\u003e\n\n\u003cp align=\"center\"\u003e\n\n  \u003ca href=\"https://github.com/edoardottt/pphack/actions\"\u003e\n      \u003cimg src=\"https://github.com/edoardottt/pphack/actions/workflows/go.yml/badge.svg\" alt=\"go action\"\u003e\n  \u003c/a\u003e\n\n  \u003ca href=\"https://goreportcard.com/report/github.com/edoardottt/pphack\"\u003e\n      \u003cimg src=\"https://goreportcard.com/badge/github.com/edoardottt/pphack\" alt=\"go report card\"\u003e\n  \u003c/a\u003e\n\n\u003cbr\u003e\n  \u003c!--Tweet button--\u003e\n  \u003ca href=\"https://twitter.com/intent/tweet?text=pphack%20-%20The%20Most%20Advanced%20Client-Side%20Prototype%20Pollution%20Scanner%20https%3A%2F%2Fgithub.com%2Fedoardottt%2Fpphack%20%23golang%20%23github%20%23linux%20%23infosec%20%23bugbounty\" target=\"_blank\"\u003eShare on Twitter!\n  \u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"#install-\"\u003eInstall\u003c/a\u003e •\n  \u003ca href=\"#get-started-\"\u003eGet Started\u003c/a\u003e •\n  \u003ca href=\"#examples-\"\u003eExamples\u003c/a\u003e •\n  \u003ca href=\"#changelog-\"\u003eChangelog\u003c/a\u003e •\n  \u003ca href=\"#contributing-\"\u003eContributing\u003c/a\u003e •\n  \u003ca href=\"#license-\"\u003eLicense\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://github.com/edoardottt/images/blob/main/pphack/pphack.gif\"\u003e\n\u003c/p\u003e\n  \nInstall 📡\n----------\n\n### Using Go\n\n```console\ngo install github.com/edoardottt/pphack/cmd/pphack@latest\n```\n\npphack relies on [`chromedp`](https://github.com/chromedp/chromedp), so you need a Chrome or Chromium browser.\n\nGet Started 🎉\n----------\n\n```console\nUsage:\n  pphack [flags]\n\nFlags:\nINPUT:\n   -u, -url string   Input URL\n   -l, -list string  File containing input URLs\n\nCONFIGURATION:\n   -c, -concurrency int       Concurrency level (default 50)\n   -t, -timeout int           Connection timeout in seconds (default 20)\n   -px, -proxy string         Set a proxy server (URL)\n   -rl, -rate-limit int       Set a rate limit (per second)\n   -ua, -user-agent string    Set a custom User Agent (random by default)\n   -H, -headers string[]      Set custom headers\n   -Hf, -headers-file string  File containing custom headers\n\nSCAN:\n   -p, -payload string            Custom payload\n   -js, -javascript string        Run custom Javascript on target\n   -jsf, -javascript-file string  File containing custom Javascript to run on target\n   -e, -exploit                   Automatic Exploitation\n\nOUTPUT:\n   -o, -output string  File to write output results\n   -v, -verbose        Verbose output\n   -s, -silent         Silent output. Print only results\n   -j, -json           JSON output\n```\n\nExamples 💡\n----------\n\nScan a single URL\n\n```console\npphack -u https://edoardottt.github.io/pp-test/\n```\n\n```console\necho https://edoardottt.github.io/pp-test/ | pphack\n```\n\nScan a list of URLs\n\n```console\npphack -l targets.txt\n```\n\n```console\ncat targets.txt | pphack\n```\n\nAutomatic exploitation\n\n```console\npphack -e -u https://edoardottt.github.io/pp-test/\n```\n\n[Read the Wiki](https://github.com/edoardottt/pphack/wiki) to understand how to use pphack.\n\nChangelog 📌\n-------\n\nDetailed changes for each release are documented in the [release notes](https://github.com/edoardottt/pphack/releases).\n\nContributing 🛠\n-------\n\nJust open an [issue](https://github.com/edoardottt/pphack/issues) / [pull request](https://github.com/edoardottt/pphack/pulls).\n\nBefore opening a pull request, download [golangci-lint](https://golangci-lint.run/usage/install/) and run\n\n```console\ngolangci-lint run\n```\n\nIf there aren't errors, go ahead :)\n\nIn the news 📰\n-------\n\n- [tl;dr sec Newsletter](https://tldrsec.com/p/tldr-sec-269)\n\nLicense 📝\n-------\n\nThis repository is under [MIT License](https://github.com/edoardottt/pphack/blob/main/LICENSE).  \n[edoardottt.com](https://edoardottt.com/) to contact me.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fedoardottt%2Fpphack","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fedoardottt%2Fpphack","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fedoardottt%2Fpphack/lists"}