PwnTraverse

by odaysec 4 months ago

GNU/Linux • screen • bash 257 views

PwnTraverse is an advanced Path Traversal & Endpoint Vulnerability Scanner designed for security researchers, bug bounty hunters, and penetration testers. This tool automates the discovery of Path Traversal vulnerabilities and related CVEs, helping security professionals quickly assess and report security issues.

Key Features

Automated Path Traversal Detection
Scans and detects path traversal vulnerabilities using a variety of payloads (../, double-encoding, bypass tricks).
Deep Directory Enumeration
Performs intelligent directory brute-forcing to uncover hidden files and endpoints.
CVE & Endpoint Mapping
Correlates discovered endpoints with known CVEs and potential LFI/RCE attack surfaces.
Clean & Actionable Reports
Generates structured vulnerability reports for easy documentation and bug bounty submission.

More recordings by odaysec

Path Crawler CLI 1:05

by odaysec 9 months ago

https://asciinema.org/a/742271

Copied!

Append ?t=30 to start the playback at 30s, ?t=3:20 to start the playback at 3m 20s.

See sharing docs for more link customization options.

Embed as image link

Use snippets below to display a preview image linking to this recording.
Ideal for places where scripts are not allowed, such as project README files.

HTML:

<a href="https://asciinema.org/a/742271" target="_blank"><img src="https://asciinema.org/a/742271.svg" /></a>

Copied!

Markdown:

[![asciicast](https://asciinema.org/a/742271.svg)](https://asciinema.org/a/742271)

Copied!

Embed the player

If you're embedding on your own page or on a site which permits script tags, you can use the full player widget:

<script src="https://asciinema.org/a/742271.js" id="asciicast-742271" async="true"></script>

Copied!

Paste the above script tag where you want the player to be displayed on your page.

See embedding docs for more player customization options.

You can download this recording in asciicast v2 format, as a .cast file.

Download

Replay in terminal

You can replay the downloaded recording in your terminal using the asciinema play command:

asciinema play 742271.cast

Copied!

If you don't have asciinema CLI installed then see installation instructions.

Use with stand-alone player on your website

Download asciinema player from the releases page (you only need .js and .css file), then use it like this:

<!DOCTYPE html>
<html>
<head>
  <link rel="stylesheet" type="text/css" href="/assets/asciinema-player.css" />
</head>
<body>
  <div id="player"></div>
  <script src="/assets/asciinema-player.min.js"></script>
  <script>
    AsciinemaPlayer.create(
      '/assets/742271.cast',
      document.getElementById('player'),
      { cols: 269, rows: 61 }
    );
  </script>
</body>
</html>

See asciinema player quick-start guide for full usage instructions.

While this site doesn't provide GIF conversion at the moment, you can still do it yourself with the help of asciinema GIF generator utility - agg.

Once you have it installed, generate a GIF with the following command:

agg https://asciinema.org/a/742271 demo.gif

Copied!

Or, if you already downloaded the recording file:

agg demo.cast demo.gif

Copied!

Check agg --help for all available options. You can change font family and size, select color theme, adjust speed and more.

See agg manual for full usage instructions.