From 15c2d553198cd260144e3bbcc36bcfef5b4dcd7c Mon Sep 17 00:00:00 2001
From: VainlyStrain <51248447+VainlyStrain@users.noreply.github.com>
Date: Tue, 1 Sep 2020 23:48:26 +0200
Subject: [PATCH] Added Vailyn Tool in new Category
Added `Vailyn` (https://github.com/VainlyStrain/Vailyn) to a new Offensive category: **LFI & Path Traversal**
Vailyn is a tool to find Path Traversal & LFI vulnerabilities, and to exploit them. It uses a number of evasive payloads & techniques, and covers multiple attack vectors (query, path, cookie, POST data). Also, it provides a crawler for automation, a possibility to give an authentication cookie if needed, and a GUI for easy interaction. To improve performance, it detects the vulnerability in a first phase, and only uses confirmed working payloads in the exploitation phase (instead of using every combination with every file path).
In general, the tool should be production ready; however, only the newer reverse shell module is still in the testing phase.
In case it doesn't meet the quality standards, I'd highly value your feedback. I'd be glad to improve it in any way I can :)
---
README.md | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/README.md b/README.md
index 54fdc11..7b2409f 100644
--- a/README.md
+++ b/README.md
@@ -98,6 +98,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [XXE](#tools-xxe)
- [CSRF](#tools-csrf)
- [SSRF](#tools-ssrf)
+ - [LFI & Path Traversal](#tools-lfi)
- [Detecting](#tools-detecting)
- [Preventing](#tools-preventing)
- [Proxy](#tools-proxy)
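Review bot: The new table-of-contents entry is labelled "LFI & Path Traversal", but the section heading added in the second hunk reads "Path Traversal & Local File Inclusion", so the same category has two different names in one file. Use one wording for both, for example `- [Path Traversal & Local File Inclusion](#tools-lfi)`, so that a reader scanning the contents list finds a heading with the same text.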
@@ -705,6 +706,11 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [Open redirect/SSRF payload generator](https://tools.intigriti.io/redirector/) - Open redirect/SSRF payload generator by [intigriti](https://www.intigriti.com/).
+
+#### Path Traversal & Local File Inclusion
+
+- [Vailyn](https://github.com/VainlyStrain/Vailyn) - Evasive Path Traversal Detection and Exploitation Tool with Many Attack Vectors by [VainlyStrain](https://github.com/VainlyStrain)
+
### Leaking
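Review bot: None of the lines added around the new `####` heading defines the `tools-lfi` target that the contents entry `(#tools-lfi)` points at, and the anchor GitHub derives from the heading text will not be `tools-lfi`, so the link would not resolve from what this patch shows. Add an explicit anchor with that name immediately before the heading. A smaller style point: the Vailyn entry has no closing period, while the entry on the line above ends with one.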