Agartha

Agartha is a comprehensive security testing tool that specializes in payload generation for injection vulnerabilities and assessment of authentication and authorization issues. It generates extensive wordlists for SQL Injection, Local File Inclusion (LFI), and Remote Code Execution (RCE) attacks, with support for BCheck integration. The extension also constructs user access matrices to identify privilege escalation paths, performs HTTP 403 bypass testing, converts requests to JavaScript for XSS exploitation, and automates Bambdas script generation.

Features

• Generate comprehensive injection payloads instantly for SQLi, LFI, and RCE testing with built-in WAF bypass techniques
• Visualize user access permissions in a color-coded matrix to quickly spot privilege escalation and authorization flaws
• Automatically test HTTP 403 bypass techniques to reveal hidden endpoints and misconfigured access controls
• Convert injection payloads to BCheck code for automated scanner integration and vulnerability detection at scale
• Auto-generate Bambdas scripts to filter and color-code proxy history by scope and vulnerability patterns
• Transform HTTP requests to JavaScript fetch code for advanced XSS testing and header restriction bypasses

Usage

Payload Generator

1. Navigate to the Payload Generator tab and select attack type (LFI, RCE, or SQLi)
2. Configure options such as depth (for LFI/Union-Based SQLi), WAF bypass, URL encoding, and target databases/vectors
3. Click "Generate the Payloads" for a classic wordlist to use with Intruder or Repeater

Authorization Matrix

1. Right-click any request and select Extensions → Agartha → Auth Matrix to define user sessions
2. Add up to four users with their session headers using the "Add User" button
3. Provide URL lists manually or use the Spider button to automatically crawl URLs from user sessions
4. Select request method (GET, POST, or Dynamic based on proxy history) and click "Run"
5. Review the color-coded matrix where red indicates critical access violations (HTTP 200 with matching content), orange shows potential issues (HTTP 200 with different content), and yellow indicates redirections (HTTP 302)

403 Bypass

1. For authentication testing: click "Load Requests" to import proxy history with session identifiers automatically removed
2. For privilege escalation testing: right-click individual requests to send them with session identifiers intact
3. Configure optional filters (URL grouping, time range, keywords) to focus testing scope
4. Click "Run" to test various bypass techniques including URL manipulation and header modification
5. Review results where red cells indicate successful bypasses

BCheck Code Generator

1. In the Payload Generator tab, configure your desired attack type and options (LFI, RCE, or SQLi)
2. Click "Generate payloads for BCheck" to automatically generate BCheck-compatible code (code is copied to clipboard)
3. Go to "Extensions → BChecks → New → Blank" and paste the generated code
4. For manual testing: right-click an HTTP request, select "Send to BChecks Editor", select your BCheck, and click "Run test"
5. For automated scanning: right-click an HTTP request, choose "Open Scan Launcher", then "Scan configuration → Select from library → Audit checks - BChecks only"
6. Fine-tune the generated code by refining filters (HTTP response codes, keywords) to reduce false positives

Bambdas Generator

1. Navigate to the Bambdas Generator tab and configure general settings (scope, file extensions, colors, time range)
2. Define search criteria for URLs, requests, or responses (HTML comments, vulnerable JS functions, valuable keywords, parameter-based vulnerability identifiers)
3. Specify testing scope, already tested URLs, and blacklisted URLs using path patterns (supports wildcards and placeholders)
4. Click "Run" to generate the Bambdas script
5. Apply the script either temporarily ("Proxy → HTTP History → Bambda Mode") or permanently ("Extensions → Bambda Library → New → Blank")

Copy as JavaScript

Right-click any HTTP request and select "Extensions → Agartha → Copy as JavaScript". The generated JavaScript code will be automatically copied to your clipboard.