yehia-mamdouh / contact_us_exploit Goto Github PK

#Contact_us_Auth_ASPX_Exploit -- is a python script able to flood Web Server (use ASPX) through Contact_us page if the website didn't implement Captcha, 2 another files included with the script, event.txt wich is the Vewstate which use by ASPX for sending any request with a website and that only a sample of view-state, auth.txt which is a Authentication text used by the script if contact us page require any authentication - if not required delete Auth part from the script

#Email-Bomp_Reset_Password -- is a python script able to flood Email in-box through functionality of Email Reset password page that exist in any website use (PHP) if the didn't implement Captchha

How To Use?

Contat_us_Exploit_ASPX_Exploit ---> You need first to open contact us page - then intercapte the requests through burpsuite or Owas-Zap - then open the script and put the hostname in the header - and URL of contact us page - then copy the Viewstate and paste in the txt (event.txt) - if authentication required just put auth data on auth.txt, if not required delete it from the script

Email-Bomp_Reset_Password ---> You need first to open forget password page - then intercapte the requests through burpsuite or Owas-Zap - then open the script and put the hostname in the header - and URL of forget password page - Then run :)