Removes everything after .php in a text file with endpoints and adds a "~", which can stop the file from executing and instead shows the backend source code from that one file aswell it does 1 request to each URL looking for PHP source code, atm its searching for <?php, soon might add more extensions like ASP, Ruby, Perl etc maybe a tool trying to find SQL erros etc. It have a counter counting how long the process takes, about 450 URLs takes about 5 mins. Even tho a bug bounty program probably makes it a informative unless there are many which are rare, the tool can be good to craft your own exploits especially on lower versions of PHP.
a6thmfsin/PHP-source-code-finder
Removes everything after .php adds a ~ and does 1 request to each URL looking for PHP source code.
Python