Metadata-Version: 2.1
Name: ptsamesite
Version: 1.0.2
Summary: Same Site Scripting Detection Tool
Home-page: https://www.penterep.com/
Author: Penterep
Author-email: info@penterep.com
License: GPLv3
Project-URL: homepage, https://www.penterep.com/
Project-URL: repository, https://github.com/penterep/ptsamesite
Project-URL: tracker, https://github.com/penterep/ptsamesite/issues
Project-URL: changelog, https://github.com/penterep/ptsamesite/blob/main/CHANGELOG.md
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: Implementation :: CPython
Classifier: Environment :: Console
Classifier: Topic :: Security
Classifier: License :: OSI Approved :: GNU General Public License v3 (GPLv3)
Requires-Python: >=3.9
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: ptlibs<2,>=1.0.7
Requires-Dist: dnspython>=2.1

[![penterepTools](https://www.penterep.com/external/penterepToolsLogo.png)](https://www.penterep.com/)


## PTSAMESITE - Same Site Scripting Detection Tool

ptsamesite is a tool designed to detect same-site scripting vulnerabilities across various domains.

## Installation

```
pip install ptsamesite
```

## Adding to PATH
If you're unable to invoke the script from your terminal, it's likely because it's not included in your PATH. You can resolve this issue by executing the following commands, depending on the shell you're using:

For Bash Users
```bash
echo "export PATH=\"`python3 -m site --user-base`/bin:\$PATH\"" >> ~/.bashrc
source ~/.bashrc
```

For ZSH Users
```bash
echo "export PATH=\"`python3 -m site --user-base`/bin:\$PATH\"" >> ~/.zshrc
source ~/.zshrc
```

## Usage examples
```
ptsamesite -d example.com                               # Test domain
ptsamesite -d example.com example2.com                  # Test two domains
ptsamesite -d subdomain1.subdomain2.example.com -s      # Test domain along with all subdomains
ptsamesite -f domain_list.txt                           # Test domains from a file
ptsamesite -f domains_list.txt -s -t 100 -V             # Test domains from a file with all subdomains, set threads to 100 and print only vulnerable domains
```

## Options
```
-d  --domain      <domain>   Test domain
-f  --file        <file>     Test domains from file
-s  --subdomains             Test all subdomains of given domain (default False)
-t  --threads     <threads>  Set number of threads (default 20)
-V  --vulnerable             Show only vulnerable domains
-v  --version                Show script version and exit
-h  --help                   Show this help message and exit
-j  --json                   Output in JSON format
```


## Dependencies
```
ptlibs
dnspython
```

## License

Copyright (c) 2024 Penterep Security s.r.o.

ptsamesite is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

ptsamesite is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with ptsamesite.  If not, see <https://www.gnu.org/licenses/>.

## Warning

You are only allowed to run the tool against the websites which
you have been given permission to pentest. We do not accept any
responsibility for any damage/harm that this application causes to your
computer, or your network. Penterep is not responsible for any illegal
or malicious use of this code. Be Ethical!
