Python Ethical Hacking - VULNERABILITY SCANNER(2)
VULNERABILITY_SCANNER
How to discover a vulnerability in a web application?
1. Go into every possible page.
2. Look for ways to send data to the web application (URL + forms).
3. Send payloads to discover vulnerabilities.
4. Analyze the response to check if the website is vulnerable.
-> The general steps are the same regardless of the vulnerability.
Class Scanner.
#!/usr/bin/env python

import requests
import re
from urllib.parse import urljoin


class Scanner:
    def __init__(self, url):
        self.target_url = url
        self.target_links = []

    def extract_links_from(self, url):
        response = requests.get(url)
        # Capture only the href value; the closing quote stays outside the group.
        return re.findall('(?:href=")(.*?)"', response.content.decode(errors="ignore"))

    def crawl(self, url):
        href_links = self.extract_links_from(url)
        for link in href_links:
            # Resolve relative links against the page they were found on.
            link = urljoin(url, link)

            # Drop the fragment so the same page is not visited twice.
            if "#" in link:
                link = link.split("#")[0]

            # Stay on the target site and skip links already seen.
            if self.target_url in link and link not in self.target_links:
                self.target_links.append(link)
                print(link)
                self.crawl(link)
Vulnerability scanner.
#!/usr/bin/env python

import scanner

target_url = "http://10.0.0.45/mutillidae/"
vuln_scanner = scanner.Scanner(target_url)
vuln_scanner.crawl(target_url)
The Python program runs fine.

Polish the Python code using Default Parameters.
Class Scanner.
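#!/usr/bin/env python

import requests
import re
from urllib.parse import urljoin


class Scanner:
    def __init__(self, url):
        self.target_url = url
        self.target_links = []

    def extract_links_from(self, url):
        response = requests.get(url)
        # Capture only the href value; the closing quote stays outside the group.
        return re.findall('(?:href=")(.*?)"', response.content.decode(errors="ignore"))

    def crawl(self, url=None):
        # Default parameter: start from the target URL when no URL is given.
        if url is None:
            url = self.target_url
        href_links = self.extract_links_from(url)
        for link in href_links:
            # Resolve relative links against the page they were found on.
            link = urljoin(url, link)

            # Drop the fragment so the same page is not visited twice.
            if "#" in link:
                link = link.split("#")[0]

            # Stay on the target site and skip links already seen.
            if self.target_url in link and link not in self.target_links:
                self.target_links.append(link)
                print(link)
                self.crawl(link)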
Vuln_scanner:
#!/usr/bin/env python

import scanner

target_url = "http://10.0.0.45/mutillidae/"
vuln_scanner = scanner.Scanner(target_url)
vuln_scanner.crawl()
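The crawler above decides what to follow with the substring test `self.target_url in link`, which also accepts an off-site URL that merely carries the target address in its query string, and its regex only sees double-quoted `href` values. As an added example (not part of the original post), this variant parses `href` with `html.parser`, compares scheme, host and path prefix, and uses a queue instead of recursion; `HrefParser`, `in_scope`, the `fetch` hook and the sample pages are assumptions made for illustration.

```python
from collections import deque
from html.parser import HTMLParser
from urllib.parse import urldefrag, urljoin, urlsplit

class HrefParser(HTMLParser):
    """Collect href values from <a> tags, whatever quoting the page uses."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def in_scope(link, target_url):
    """True only for the target's own scheme and host, under its path."""
    lp, tp = urlsplit(link), urlsplit(target_url)
    return (lp.scheme, lp.netloc) == (tp.scheme, tp.netloc) and lp.path.startswith(tp.path)

def crawl(target_url, fetch):
    """Iterative crawl; fetch(url) returns HTML text (hypothetical hook)."""
    seen, queue = [target_url], deque([target_url])
    while queue:
        page = queue.popleft()
        parser = HrefParser()
        parser.feed(fetch(page))
        for href in parser.hrefs:
            link = urldefrag(urljoin(page, href)).url  # resolve, drop #fragment
            if in_scope(link, target_url) and link not in seen:
                seen.append(link)
                queue.append(link)
    return seen

# Constructed sample site (not real responses) so the example runs offline.
BASE = "http://10.0.0.45/mutillidae/"
PAGES = {
    BASE: '<a href="index.php?page=login.php">Login</a>'
          "<a href='faq.php#top'>FAQ</a>"
          '<a href="http://other.example/?next=http://10.0.0.45/mutillidae/">Ad</a>'
          '<a href="/dvwa/">DVWA</a>',
    BASE + "index.php?page=login.php": '<a href="./">Home</a>',
    BASE + "faq.php": '<a href="index.php?page=login.php">Login</a>',
}

def fetch_sample(url):
    return PAGES.get(url, "")

if __name__ == "__main__":
    print(crawl(BASE, fetch_sample))
```

To run it against the lab target, pass a `fetch` that wraps `requests.get(url).text`.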