The cutting-edge Client-Side Prototype Pollution Scanner. In this article, we’ll delve into the installation process, usage, and features of pphack, a powerful tool for web security professionals and red teamers.
Discover how pphack can help you identify and mitigate prototype pollution vulnerabilities in web applications.
The Most Advanced Client-Side Prototype Pollution Scanner
go install github.com/edoardottt/pphack/cmd/pphack@latest
pphack relies on chromedp
, so you need a Chrome or Chromium browser.
Usage:
pphack [flags]
Flags:
INPUT:
-u, -url string Input URL
-l, -list string File containing input URLs
CONFIGURATION:
-c, -concurrency int Concurrency level (default 50)
-t, -timeout int Connection timeout in seconds (default 10)
-px, -proxy string Set a proxy server (URL)
-rl, -rate-limit int Set a rate limit (per second)
-ua, -user-agent string Set a custom User Agent (random by default)
SCAN:
-p, -payload string Custom payload
-js, -javascript string Run custom Javascript on target
-jsf, -javascript-file string File containing custom Javascript to run on target
OUTPUT:
-o, -output string File to write output results
-v, -verbose Verbose output
-s, -silent Silent output. Print only results
Scan a single URL
pphack -u https://edoardottt.github.io/pp-test/
echo https://edoardottt.github.io/pp-test/ | pphack
Scan a list of URLs
pphack -l targets.txt
cat targets.txt | pphack
Read the Wiki to understand how to use pphack.
Detailed changes for each release are documented in the release notes.
Just open an issue / pull request.
Before opening a pull request, download golangci-lint and run
golangci-lint run
Introduction to the Model Context Protocol (MCP) The Model Context Protocol (MCP) is an open…
While file extensions in Linux are optional and often misleading, the file command helps decode what a…
The touch command is one of the quickest ways to create new empty files or update timestamps…
Handling large numbers of files is routine for Linux users, and that’s where the find command shines.…
Managing files and directories is foundational for Linux workflows, and the mv (“move”) command makes it easy…
Creating directories is one of the earliest skills you'll use on a Linux system. The mkdir (make…