InputProbe is a powerful tool designed for penetration testers to enhance their attack vector by gathering URLs recursively from a specified webpage. It intelligently parses the source code of the provided page extracting URLs and displaying all input fields found within these URLs. This tool is invaluable for conducting a variety of attacks including SQL injection (SQLi) cross-site scripting (XSS) server-side template injection (SSTI) code injection and many other injection attacks.
Run the script with the following command:
python inputprobe.py <url> [--recursive] [-o OUTPUT_FILE] [-u USER_AGENT]<url>: The URL to start with.--recursive: (Optional) Enable recursive URL grabbing.-o OUTPUT_FILE: (Optional) Specify an output file to write input fields.-u USER_AGENT: (Optional) Specify a custom user agent.
For example:
python inputprobe.py https://example.com --recursive -o output.txt -u "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"This will fetch URLs from the given webpage recursively, display input fields found within those URLs, and write the input fields to the specified output file if provided.
1. Clone the repository:
git clone https://github.com/iraklichubinidze/inputprobe.git
2. Navigate to the directory:
cd inputprobe
3. Install the dependencies:
pip install -r requirements.txt