This tool allows to automatically test for Content Security Policy bypass payloads.

Overview

CSPass

This tool allows to automatically test for Content Security Policy bypass payloads.

Usage

[cspass]$ ./cspass.py -h
usage: cspass.py [-h] [--no-colors] [-d] [-a] -t TARGET

Bypass CSP to perform a XSS

optional arguments:
  -h, --help            show this help message and exit
  --no-colors           Disable color mode
  -d, --dynamic         Use dynamic mode
  -a, --all-pages       Looking for vulnerability in all pages could be found

Required argument:
  -t TARGET, --target TARGET
                        Specify the target url

Contributing

Pull requests are welcome. Feel free to open an issue if you want to add other features.

You might also like...
Log4j exploit catcher, detect Log4Shell exploits and try to get payloads.

log4j_catcher Log4j exploit catcher, detect Log4Shell exploits and try to get payloads. This is a basic python server that listen on a port and logs i

Deobfuscate Log4Shell payloads with ease
Deobfuscate Log4Shell payloads with ease

Ox4Shell Deobfuscate Log4Shell payloads with ease. Description Since the release

HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.
RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.

RedDrop Exfil Server Check out the accompanying MaverisLabs Blog Post Here! RedDrop Exfil Server is a Python Flask Web Server for Penetration Testers,

Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website or you can use this tool to Get Shells
Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website or you can use this tool to Get Shells

About create a target list or select one target, scans then exploits, done! Vulnnr is a Vulnerability Scanner & Auto Exploiter You can use this tool t

A python script to bypass 403-forbidden.
A python script to bypass 403-forbidden.

4nought3 A python script to bypass 403-forbidden. It covers methods like Host-Header Injections, Changing HTTP Requests Methods and URL-Injections. Us

Bypass's HCaptcha by overloading their api causing it to throwback a generated uuid. (Released due to exposure)

HCaptcha-Bypass Bypass's HCaptcha by overloading their api causing it to throwback a generated uuid. Not working? If it is not seeming to work for you

ProxyShell POC Exploit : Exchange Server RCE (ACL Bypass + EoP + Arbitrary File Write)

ProxyShell Install git clone https://github.com/ktecv2000/ProxyShell cd ProxyShell virtualenv -p $(which python3) venv source venv/bin/activate pip3 i

Bypass 4xx HTTP response status codes.
Bypass 4xx HTTP response status codes.

Forbidden Bypass 4xx HTTP response status codes. To see all the test cases, check the source code - follow the NOTE comments. Script uses multithreadi

Comments
  • Issue when formatting CSP

    Issue when formatting CSP

    Hi, after your presentation for TheBlackSide, I just wanted to try your tool briefly ^^.

    There seems to be an issue when formatting CSP. When running your tool, I have this issue: Traceback (most recent call last): File "cspass.py", line 364, in csps = page.format_csp() File "cspass.py", line 192, in format_csp csp[policyname] = " ".join(self.csp[policyname]) TypeError: 'str' object does not support item assignment

    I did not read the code thoroughly and do not have a lot of time today, but I think you probably just have an indentation issue in format_csp function (seems to work on my tests when fixing it and it did not seem to break something else (I only saw one call to format_csp)) : "csp = json.dumps(csp,indent=4 )" should not be in the for loop because then it is a string and no more a dictionary, so if you have more than one policy "policyname", it crashes. Just change its indentation (same as your "return csp" line just after).

    Thanks for your tool :)

    bug 
    opened by T0t0-0r0 1
Releases(v1.2)
  • v1.2(Jan 28, 2022)

    Features added: - Set cookies in requests - Policies fallback are used - Some patches are detected to reduce false positives

    Docker added with 3 vulnerable pages to try CSPass!

    Source code(tar.gz)
    Source code(zip)
  • 1.1(Nov 1, 2021)

    CSPass

    This tool allows to automatically test for Content Security Policy bypass payloads.

    Usage

    [cspass]$ ./cspass.py -h
    usage: cspass.py [-h] [--no-colors] [-d] [-a] -t TARGET
    
    Bypass CSP to perform a XSS
    
    optional arguments:
      -h, --help            show this help message and exit
      --no-colors           Disable color mode
      -d, --dynamic         Use dynamic mode
      -a, --all-pages       Looking for vulnerability in all pages could be found
    
    Required argument:
      -t TARGET, --target TARGET
                            Specify the target url
    
    Source code(tar.gz)
    Source code(zip)
Big-Papa Integrates Javascript and python for remote cookie stealing which then can be used for session hijacking

Big-Papa is a remote cookie stealer which can then be used for session hijacking and Bypassing 2 Factor Authentication

77 Jan 03, 2023
log4j2 passive burp rce scanning tool get post cookie full parameter recognition

log4j2_burp_scan 自用脚本log4j2 被动 burp rce扫描工具 get post cookie 全参数识别,在ceye.io api速率限制下,最大线程扫描每一个参数,记录过滤已检测地址,重复地址 token替换为你自己的http://ceye.io/ token 和域名地址

5 Dec 10, 2021
Anti Supercookie - Confusing the ISP & Escaping the Supercookie

Confusing the ISP & Escaping the Supercookie

Baris Dincer 2 Nov 22, 2022
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script

Víctor García 187 Jan 03, 2023
Brute force attack tool for Azure AD Autologon/Seamless SSO

Brute force attack tool for Azure AD Autologon

nyxgeek 89 Jan 02, 2023
A collection of intelligence about Log4Shell and its exploitation activity

Log4Shell-IOCs Members of the Curated Intelligence Trust Group have compiled a list of IOC feeds and threat reports focused on the recent Log4Shell ex

Curated Intel 172 Nov 17, 2022
This is an advanced backdoor, created with Python

Backdoor This is a Backdoor, created with Python 3. Types of Commands: Downloading / Uploading files. Launching / Deleting / Reading file's content. S

swagkarna 28 Oct 28, 2022
Set the draft security HTTP header Permissions-Policy (previously Feature-Policy) on your Django app.

django-permissions-policy Set the draft security HTTP header Permissions-Policy (previously Feature-Policy) on your Django app. Requirements Python 3.

Adam Johnson 76 Nov 30, 2022
Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website or you can use this tool to Get Shells

About create a target list or select one target, scans then exploits, done! Vulnnr is a Vulnerability Scanner & Auto Exploiter You can use this tool t

Nano 108 Dec 04, 2021
A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources to make Ubuntu 20.04 capable of both offensive and defensive security work.

infosec-fortress A python script to turn Ubuntu Desktop into a strong DFIR/RE System with some teeth (Purple Team Ops)! This is intended to create a s

James 41 Dec 30, 2022
Providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account.

We are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams

Mitiga 13 Jan 04, 2022
Android Malware Behavior Deleter

Android Malware Behavior Deleter UDcide UDcide is a tool that provides alternative way to deal with Android malware. We help you to detect and remove

27 Sep 23, 2022
Seamless deployment and management of cybersecurity solutions 🏗️

Description 🖼️ Background 👴🏼 Vision 📜 Concepts 💬 Solutions' Lifecycle. Operations ⭕ Functionalities 🚀 Supported Cybersecurity Solutions 📦 Insta

MutableSecurity 36 Nov 10, 2022
Automatic SQL injection and database takeover tool

sqlmap sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of

sqlmapproject 25.7k Jan 08, 2023
Mass scan for .git repository and .env file exposure

Mass .Git repository and .Env file Scan by Scarmandef Scanner to find .env file and .git repository exposure on multiple hosts Because of the response

8 Jun 23, 2022
Python library to remotely extract credentials on a set of hosts.

Python library to remotely extract credentials on a set of hosts.

Pixis 1.5k Dec 31, 2022
Python Password Generator

This is a console-based version of a password generator written with Python. The program generates a password based on numbers of letters, numbers, and symbols specified by the user. This is a simple

p.katekomol 1 Jan 24, 2022
ssh-audit is a tool for ssh server & client configuration auditing.

SSH server & client auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

Joe Testa 1.4k Dec 31, 2022
一款针对向日葵的识别码和验证码提取工具

Sunflower_get_Password 一款针对向日葵的识别码和验证码提取工具 👮🏻‍♀️ 免责声明 由于传播、利用Sunflower_get_Password工具提供的功能而造成的任何直接或者间接的后果及损失,均由使用者本人负责,本人不为此承担任何责任。 安装环境 本工具使用Python

635 Dec 20, 2022
GRR Rapid Response: remote live forensics for incident response

GRR Rapid Response is an incident response framework focused on remote live forensics. Build Type Status Tests End-to-end Tests Windows Templates Linu

Google 4.3k Jan 05, 2023