This repository is for educational purposes only, and I am not responsible for using any of the techniques described here for illegal usage.
While I've written Hack Steps for each lab to guide you in writing scripts, the repository assumes that you already know how to solve the labs and want to do so using scripts to practice writing robust ones. That means you may not find a detailed explanation for some payloads.
I utilized the Burp Collaborator in labs requiring out-of-band interactions. To follow these labs, you'll need a licensed version of Burp Pro, or you can modify the scripts to utilize a remote server under your control.
There are some labs that you may find trivial in their solutions and don't necessarily require a script. In fact, solving them without a script might be faster and easier. I have only written scripts for these labs for the completeness of this repository. Feel free to skip them if you prefer.
Since this repository is intended for learning, I've omitted some error handling to keep things simple. I believe this won't significantly impact your testing of scripts.
If you encounter any issues or have suggestions for improvement while working with these scripts, feel free to open an issue. Your feedback is valuable, and I appreciate your contributions to enhance the learning experience for everyone.
If your goal is to quickly write a script, then Python will be your best friend. However, if you prioritize efficiency, seeking faster runtime and script robustness, there are better options available than Python. I recommend checking out the WebSecurity Academy with Rust repository in which I have solved the same labs using Rust in both single-threaded and multi-threaded programming approaches.
If you appreciate the work and find it valuable, please consider giving this repository a star. Your support is greatly appreciated and helps to showcase the popularity and significance of the project.