Vailyn is a multi-phased vulnerability analysis and exploitation tool for path traversal/directory climbing vulnerabilities.
How does it work?
Vailyn operates in 2 phases. First, it checks if the vulnerability is present. It does so by trying to access /etc/passwd, with all of its evasive payloads. Analysing the response, payloads that worked are separated from the others.
Since v1.1, a custom file to check can be specified by argument.
Now, the user can choose freely which payloads to use. Only these payloads will be used in the second phase.