ppmap

A simple scanner/exploitation tool written in GO which automatically exploits known and existing gadgets (checks for specific variables in the global context) to perform XSS via Prototype Pollution. NOTE: The program only exploits known gadgets, but does not cover code analysis or any advanced Prototype Pollution exploitation, which may include custom gadgets.

Workflow:
- Identify if the website is vulnerable to Prototype Pollution by heuristic scan
- Fingerprint the known gadgets
- Display the final XSS payload which can be exploited