Mass Assigner is a powerful tool designed to identify and exploit mass assignment vulnerabilities in web applications. It achieves this by first retrieving data from a specified request, such as fetching user profile data. Then, it systematically attempts to apply each parameter extracted from the response to a second request provided, one parameter at a time. This approach allows for the automated testing and exploitation of potential mass assignment vulnerabilities. Disclaimer This tool actively modifies server-side data. Please ensure you have proper authorization before use. Any unauthorized or illegal activity using this tool is entirely at your own risk. Features Enables the addition of custom headers within requests Offers customization of various HTTP methods for both origin and target requests Supports rate-limiting to manage request thresholds effectively Provides the option to specify "ignored parameters" which the tool will ignore during execution Improved the support in nested arrays/objects inside JSON data in responses What's Next Support additional content types, such as "application/x-www-form-urlencoded" Installation & Usage Install requirements pip3 install -r requirements.txt Run the script python3 mass_assigner.py –fetch-from "https://example.com/path-to-fetch-data" –target-req "https://example.com/path-to-probe-the-data" Arguments Forbidden Buster accepts the following arguments: -h, –help show this help message and exit …Read More