pphack icon indicating copy to clipboard operation
pphack copied to clipboard
verified publisher icon edoardottt

Automatic Prototype Pollution Exploitation

Open edoardottt opened this issue 11 months ago • 0 comments

The desired behavior would be having a new flag -e (-exploit) in scan input. pphack then will try to produce a PoC URL for the exploit (e.g. XSS) based on the vulnerable technology.

Are we sure about chromedp alert box detection? maybe js detection is better...

  • WAF checks?
  • Check JSON output too.

edoardottt avatar Jan 26 '25 14:01 edoardottt