{"id":13538687,"url":"https://github.com/jcesarstef/dotdotslash","last_synced_at":"2025-04-02T05:31:35.459Z","repository":{"id":48172306,"uuid":"123036562","full_name":"jcesarstef/dotdotslash","owner":"jcesarstef","description":"Search for Directory Traversal Vulnerabilities","archived":false,"fork":false,"pushed_at":"2024-06-19T01:32:15.000Z","size":684,"stargazers_count":415,"open_issues_count":5,"forks_count":64,"subscribers_count":17,"default_branch":"master","last_synced_at":"2024-11-03T03:31:51.652Z","etag":null,"topics":["bwapp","directory-traversal","dvwa","pentest-scripts","pentest-tool","security-tools"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jcesarstef.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-02-26T22:02:01.000Z","updated_at":"2024-10-30T19:50:29.000Z","dependencies_parsed_at":"2024-08-01T09:21:59.435Z","dependency_job_id":null,"html_url":"https://github.com/jcesarstef/dotdotslash","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jcesarstef%2Fdotdotslash","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jcesarstef%2Fdotdotslash/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jcesarstef%2Fdotdotslash/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jcesarstef%2Fdotdotslash/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jcesarstef","download_url":"https://codeload.github.com/jcesarstef/dotdotslash/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246763805,"owners_count":20829795,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bwapp","directory-traversal","dvwa","pentest-scripts","pentest-tool","security-tools"],"created_at":"2024-08-01T09:01:14.831Z","updated_at":"2025-04-02T05:31:32.816Z","avatar_url":"https://github.com/jcesarstef.png","language":"Python","readme":"# dotdotslash\nAn tool to help you search for Directory Traversal Vulnerabilities\n\n# Benchmarks\nPlatforms that I tested to validate tool efficiency:\n* [DVWA](https://github.com/ethicalhack3r/DVWA) (low/medium/high)\n* [bWAPP](http://www.itsecgames.com/) (low/medium/high)\n\n\n# Screenshots\n\n![Screenshot](https://raw.githubusercontent.com/jcesarstef/dotdotslash/master/poc1.png)\n\n![Screenshot](https://raw.githubusercontent.com/jcesarstef/dotdotslash/master/poc2.png)\n\n![Screenshot](https://raw.githubusercontent.com/jcesarstef/dotdotslash/master/poc3.png)\n\n# Instalation\nYou can download the last version cloning this repository\n\n```\ngit clone https://github.com/jcesarstef/dotdotslash/\n```\n\nThis tool was made to work with Python3\n\n# Usage\n\n```\n\u003e python3 dotdotslash.py --help\nusage: dotdotslash.py [-h] --url URL --string STRING [--cookie COOKIE]\n                      [--depth DEPTH] [--verbose]\n\ndot dot slash - A automated Path Traversal Tester. Created by @jcesrstef.\n\noptional arguments:\n  -h, --help            show this help message and exit\n  --url URL, -u URL     Url to attack.\n  --string STRING, -s STRING\n                        String in --url to attack. Ex: document.pdf\n  --cookie COOKIE, -c COOKIE\n                        Document cookie.\n  --depth DEPTH, -d DEPTH\n                        How deep we will go?\n  --verbose, -v         Show requests\n```\n\nExample:\n\n```\npython3 dotdotslash.py \\\n--url \"http://192.168.58.101/bWAPP/directory_traversal_1.php?page=a.txt\" \\\n--string \"a.txt\" \\\n--cookie \"PHPSESSID=089b49151627773d699c277c769d67cb; security_level=3\"\n\n```\n# Let Me Know What You Think\n* My Twitter: https://twitter.com/jcesarstef\n* My Linkedin: https://www.linkedin.com/in/jcesarstef\n* My Blog(Brazilian Portuguese only for now): http://www.inseguro.com.br\n","funding_links":[],"categories":["\u003ca id=\"683b645c2162a1fce5f24ac2abfa1973\"\u003e\u003c/a\u003e漏洞\u0026\u0026漏洞管理\u0026\u0026漏洞发现/挖掘\u0026\u0026漏洞开发\u0026\u0026漏洞利用\u0026\u0026Fuzzing","Security","Python","Python (1887)","Hardening"],"sub_categories":["\u003ca id=\"9d1ce4a40c660c0ce15aec6daf7f56dd\"\u003e\u003c/a\u003e未分类-Vul","WebServers"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjcesarstef%2Fdotdotslash","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjcesarstef%2Fdotdotslash","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjcesarstef%2Fdotdotslash/lists"}