A simple and fast tool to check the validity of sitemaps within a website/URL.

    gh repo clone hamza-avvan/sup
    pip install -r requirements.txt

Or use this command:

    python3 -m pip install termcolor

    python3 sup.py filetoscan.txt [-o outfile.txt]

A sample usage of sup:

    # collect known URLs, keep the sitemap ones, de-duplicate them
    gau example.com > urls.txt; grep -i sitemap urls.txt | sort -u > sitemapurls.txt
    python3 sup.py sitemapurls.txt

It's well known that, most of the time, the hidden gem (a Blind SQLi vulnerability) is found inside a sitemap page. You just need to find the correct parameter and the magic will happen. You can use this tool in conjunction with others to scan valid sitemap URLs and get a head start in the bug bounty game.

By leveraging this tool, you can efficiently explore sitemaps and increase your chances of uncovering critical vulnerabilities. It would be a valuable addition to your bug hunting toolkit, empowering you to find those elusive Blind SQLi vulnerabilities that may have gone unnoticed. Don't miss out on this opportunity to level up your bug bounty skills!

Bonus: It's mostly the offset guy 😎
