- **Payload Generator**: It creates payloads/wordlists for different attack types.
7
7
- **Local File Inclusion, Directory Traversal**: It creates file dictionary lists with various encoding and escaping characters.
8
8
- **Command Injection / Remote Code Execution**: It creates command dictionary lists for both unix and windows environments with different combinations.
9
-
- **SQL Injection**: It creates Stacked Queries, Boolean-Based, Union-Based,Time-Based and Order-Based SQL Injection wordlist for various databases to help finding vulnerable spots.
9
+
- **SQL Injection**: It creates Stacked Queries, Boolean-Based, Union-Based and Time-Based SQL Injection wordlist for various databases to help finding vulnerable spots.
10
10
- **Authorization Matrix**: It creates an access role matrix based on user sessions and URL lists to determine authorization/authentication related access violation issues.
11
11
- And **Copy as JavaScript**: It converts Http requests to JavaScript code to be useful for further XSS exploitation and more.<br/><br/>
It generates payloads for Stacked Queries, Boolean-Based, Union-Based, Time-Based,Order-Based SQL Injection attacks, and you do not need to supply any inputs. You just pick what type of SQL attacks and databases you want, then it will generate a wordlist with different combinations.
52
+
It generates payloads for Stacked Queries, Boolean-Based, Union-Based, Time-Based SQL Injection attacks, and you do not need to supply any inputs. You just pick what type of SQL attacks and databases you want, then it will generate a wordlist with different combinations.
53
53
54
54
**'URL Encoding'** encodes dictionary output.
55
55
56
56
**'Waf Bypass'** asks for if you want to include all bypass features; like null bytes, different encoding, etc.
57
57
58
-
**'Union-Based'** and**'Order-Based'**ask for how deep the payload should be. The default value is 5.
58
+
**'Union-Based'** ask for how deep the payload should be. The default value is 5.
59
59
60
60
And the rest is related with database and attack types.