VULNERABILITY_SCANNER

How to discover a vulnerability in a web application?

1. Go into every possible page.

2. Look for ways to send data to web application(URL + Forms).

3. Send payloads to discover vulnerabilities.

4. Analyze the response to check of the website is vulnerable.

->General steps are the same regardless of the vulnerability.

Class Scanner.

#!/usr/bin/env python

import requests

import re

from urllib.parse import urljoin

class Scanner:

    def __init__(self, url):

        self.target_url = url

        self.target_links = []

    def extract_links_from(self, url):

        response = requests.get(url)

        return re.findall('(?:href=")(.*?")', response.content.decode())

    def crawl(self, url):

        href_links = self.extract_links_from(url)

        for link in href_links:

            link = urljoin(url, link)

            if "#" in link:

                link = link.split("#")[0]

            if self.target_url in link and link not in self.target_links:

                self.target_links.append(link)

                print(link)

                self.crawl(link)

Vulnerability scanner.

#!/usr/bin/env python

import scanner

target_url = "http://10.0.0.45/mutillidae/"

vuln_scanner = scanner.Scanner(target_url)

vuln_scanner.crawl(target_url)

The Python program runs fine.

Polish the Python code using Default Parameters.

Class Scanner.

#!/usr/bin/env python

import requests

import re

from urllib.parse import urljoin

class Scanner:

    def __init__(self, url):

        self.target_url = url

        self.target_links = []

    def extract_links_from(self, url):

        response = requests.get(url)

        return re.findall('(?:href=")(.*?")', response.content.decode())

    def crawl(self, url=None):

        if url == None:

            url = self.target_url

        href_links = self.extract_links_from(url)

        for link in href_links:

            link = urljoin(url, link)

            if "#" in link:

                link = link.split("#")[0]

            if self.target_url in link and link not in self.target_links:

                self.target_links.append(link)

                print(link)

                self.crawl(link)

Vuln_scanner:

#!/usr/bin/env python

import scanner

target_url = "http://10.0.0.45/mutillidae/"

vuln_scanner = scanner.Scanner(target_url)

vuln_scanner.crawl()

Python Ethical Hacking - VULNERABILITY SCANNER(2)的更多相关文章

  1. Python Ethical Hacking - VULNERABILITY SCANNER(9)

    Automatically Discovering Vulnerabilities Using the Vulnerability Scanner 1. Modify the run_scanner ...

  2. Python Ethical Hacking - VULNERABILITY SCANNER(7)

    VULNERABILITY_SCANNER How to discover a vulnerability in a web application? 1. Go into every possibl ...

  3. Python Ethical Hacking - VULNERABILITY SCANNER(4)

    Extracting & Submitting Forms Automatically Target website:http://10.0.0.45/dvwa/vulnerabilities ...

  4. Python Ethical Hacking - VULNERABILITY SCANNER(8)

    Implementing Code To Discover XSS in Parameters 1. Watch the URL of the XSS reflected page carefully ...

  5. Python Ethical Hacking - VULNERABILITY SCANNER(3)

    Polish the Python code using sending requests in a session Class Scanner. #!/usr/bin/env python impo ...

  6. Python Ethical Hacking - VULNERABILITY SCANNER(1)

    HTTP REQUESTS BASIC INFORMATION FLOW The user clicks on a link. HTML website generates a request(cli ...

  7. Python Ethical Hacking - VULNERABILITY SCANNER(6)

    EXPLOITATION - XSS VULNS EXPLOITING XSS Run any javascript code. Beef framework can be used to hook ...

  8. Python Ethical Hacking - VULNERABILITY SCANNER(5)

    EXPLOITATION - XSS VULNS XSS - CROSS SITE SCRIPTING VULNS Allow an attacker to inject javascript cod ...

  9. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

随机推荐

  1. 深入理解Java虚拟机学习笔记(二)-----垃圾收集器与内存分配策略

    写在前面 本节常见面试题: 如何判断对象是否死亡(两种方法). 简单的介绍一下强引用.软引用.弱引用.虚引用(虚引用与软引用和弱引用的区别.使用软引用能带来的好处). 如何判断一个常量是废弃常量 如何 ...

  2. 记一次uboot升级过程的两个坑

    背景 之前做过一次uboot的升级,当时留下了一些记录,本文摘录其中比较有意思的两个问题. 启动失败问题 问题简述 uboot代码中用到了一个库,考虑到库本身跟uboot版本没什么关系,就直接把旧的库 ...

  3. redis配置文件中slave-serve-stale-data的解释

    redis.conf文件中可以看到slave-serve-stale-data这个参数,作用是什么? 原文解释: # When a slave loses its connection with th ...

  4. Day11-微信小程序实战-交友小程序-附近的人(地图的形式)及位置获取

    回顾:在下面的tabbar中,我们已经实现了首页 消息 我的,就剩下”附近“页面了 ”附近“的页面主要是用地图来进行展示的(可以显示我的位置,也可以显示周围附近的人的位置) (在地图里面点击它的头像的 ...

  5. java多线程并发执行demo,主线程阻塞

    其中有四个知识点我单独罗列了出来,属于多线程编程中需要知道的知识: 知识点1:X,T为泛型,为什么要用泛型,泛型和Object的区别请看:https://www.cnblogs.com/xiaoxio ...

  6. javaScript的三种储存方式

    (一).SessionStorage     会话储存 (二).localStorage           本地储存 (三).Cookier                   现实中为:饼干    ...

  7. 【未完待续】MVC 之HTML辅助方法

    顾名思义,HTML辅助方法(HTML Helper)就是用来辅助产生HTML之用, 在开发View的时候一定会面对许多HTML标签,处理这些HTML的工作非常繁琐,为了降低View的复杂度,可以使用H ...

  8. JavaScript基础JavaScript的常用编码惯例(007)

    采用一定的编码惯例,可以使得项目中的代码提到较高的一致性,可读性和可预测性. 1.缩进缩 进可以提高代码的可读性.不过错误的缩进也可能导致代码的误读.有人认为缩进应该使用tab,另外的一些人主张采用4 ...

  9. JavaScript基础关于JSON(011)

    JSON意即JavaScript Object Notation,是JavaScript里数据表示的通用格式,JSON数据格式很象JavaScript里的对象: {"name": ...

  10. QtableWidget用法流程

    QtableWidget用法流程 ​ 作者:流火 日期:2020/5/10 QTableWidget的基本构造函数 QTableWidget 是QTableview的子类.主要去呗是QTableVie ...