- **Command Injection / Remote Code Execution**: It creates command dictionary lists for both unix and windows environments with different combinations.
9
9
- **SQL Injection**: It creates Stacked Queries, Boolean-Based, Union-Based, Time-Based and Order-Based SQL Injection wordlist for various databases to help finding vulnerable spots.
10
10
- **Authorization Matrix**: It creates an access role matrix based on user sessions and URL lists to determine authorization/authentication related access violation issues.
11
-
- And **HttpRequestto JavaScriptConverter**: It converts Http requests to JavaScript code to be useful for further XSS exploitation and more.<br/><br/>
11
+
- And **Copyas JavaScript**: It converts Http requests to JavaScript code to be useful for further XSS exploitation and more.<br/><br/>
12
12
13
13
Here is a small tutorial how to use.
14
14
skipped 83 lines
98
98
You may also notice, it support only one Http request method and user session at the same time, because it processes bulk requests and it is not possible to provide different header options for each calls. But you may play with 'GET/POST' methods to see response differences.<br/><br/>
99
99
100
100
101
-
## Http Request to JavaScript Converter
101
+
## Copy as JavaScript
102
102
The feature is for converting Http requests to JavaScript code. It can be useful to dig up further XSS issues and bypass header restrictions.
103
103
104
104
To access it, right click any Http Request and 'Extensions > Agartha > Copy as JavaScript'.