VULNERABILITY_SCANNER

How to discover a vulnerability in a web application?

1. Go into every possible page.

2. Look for ways to send data to web application(URL + Forms).

3. Send payloads to discover vulnerabilities.

4. Analyze the response to check of the website is vulnerable.

->General steps are the same regardless of the vulnerability.

Class Scanner.

#!/usr/bin/env python

import requests

import re

from urllib.parse import urljoin

class Scanner:

    def __init__(self, url):

        self.target_url = url

        self.target_links = []

    def extract_links_from(self, url):

        response = requests.get(url)

        return re.findall('(?:href=")(.*?")', response.content.decode())

    def crawl(self, url):

        href_links = self.extract_links_from(url)

        for link in href_links:

            link = urljoin(url, link)

            if "#" in link:

                link = link.split("#")[0]

            if self.target_url in link and link not in self.target_links:

                self.target_links.append(link)

                print(link)

                self.crawl(link)

Vulnerability scanner.

#!/usr/bin/env python

import scanner

target_url = "http://10.0.0.45/mutillidae/"

vuln_scanner = scanner.Scanner(target_url)

vuln_scanner.crawl(target_url)

The Python program runs fine.

Polish the Python code using Default Parameters.

Class Scanner.

#!/usr/bin/env python

import requests

import re

from urllib.parse import urljoin

class Scanner:

    def __init__(self, url):

        self.target_url = url

        self.target_links = []

    def extract_links_from(self, url):

        response = requests.get(url)

        return re.findall('(?:href=")(.*?")', response.content.decode())

    def crawl(self, url=None):

        if url == None:

            url = self.target_url

        href_links = self.extract_links_from(url)

        for link in href_links:

            link = urljoin(url, link)

            if "#" in link:

                link = link.split("#")[0]

            if self.target_url in link and link not in self.target_links:

                self.target_links.append(link)

                print(link)

                self.crawl(link)

Vuln_scanner:

#!/usr/bin/env python

import scanner

target_url = "http://10.0.0.45/mutillidae/"

vuln_scanner = scanner.Scanner(target_url)

vuln_scanner.crawl()

Python Ethical Hacking - VULNERABILITY SCANNER(2)的更多相关文章

  1. Python Ethical Hacking - VULNERABILITY SCANNER(9)

    Automatically Discovering Vulnerabilities Using the Vulnerability Scanner 1. Modify the run_scanner ...

  2. Python Ethical Hacking - VULNERABILITY SCANNER(7)

    VULNERABILITY_SCANNER How to discover a vulnerability in a web application? 1. Go into every possibl ...

  3. Python Ethical Hacking - VULNERABILITY SCANNER(4)

    Extracting & Submitting Forms Automatically Target website:http://10.0.0.45/dvwa/vulnerabilities ...

  4. Python Ethical Hacking - VULNERABILITY SCANNER(8)

    Implementing Code To Discover XSS in Parameters 1. Watch the URL of the XSS reflected page carefully ...

  5. Python Ethical Hacking - VULNERABILITY SCANNER(3)

    Polish the Python code using sending requests in a session Class Scanner. #!/usr/bin/env python impo ...

  6. Python Ethical Hacking - VULNERABILITY SCANNER(1)

    HTTP REQUESTS BASIC INFORMATION FLOW The user clicks on a link. HTML website generates a request(cli ...

  7. Python Ethical Hacking - VULNERABILITY SCANNER(6)

    EXPLOITATION - XSS VULNS EXPLOITING XSS Run any javascript code. Beef framework can be used to hook ...

  8. Python Ethical Hacking - VULNERABILITY SCANNER(5)

    EXPLOITATION - XSS VULNS XSS - CROSS SITE SCRIPTING VULNS Allow an attacker to inject javascript cod ...

  9. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

随机推荐

  1. cb15a_c++_vector容器的自增长_每次增加百分之50

    cb15a_c++_vector容器的自增长_每次增加百分之50每次自动容量代销扩充,增加百分之50_for windows C++,vector是用数组做出来的->数组的缺点和优点优点:具有下 ...

  2. 面试问Redis集群,被虐的不行了......

    哨兵主要针对单节点故障无法自动恢复的解决方案,集群主要针对单节点容量.并发问题.线性可扩展性的解决方案.本文使用官方提供的redis cluster.文末有你们想要的设置ssh背景哦! 本文主要围绕如 ...

  3. ROC曲线 vs Precision-Recall曲线

    深入理解对比两个曲线各自的特性和相互的差异需要花不少时间研读一些国外的技术博客与相关paper,暂时先列出下面这么多,这部分后续可以继续补充. ROC曲线和AUC的定义可以参看“ROC曲线于AUC”, ...

  4. Redis->主从复制->哨兵模式(高可用)

    一:安装redis $ yum -y install gcc $ yum -y install gcc-c++ $ wget http://download.redis.io/releases/red ...

  5. java小项目——抽奖系统

    来了来了!这不又到考试周了吗!愁人,又得复习,复习,复习!这段时间每天都在复习线代和高数!(说是复习,说实话其实是在预习,啊哈哈哈哈哈),得有一段时间都没有学到新的知识了,代码感觉都生疏了,惆怅.博客 ...

  6. 用VMware克隆CentOS 6.5如何进行网络设置

    我们使用虚拟机的克隆工具克隆出了一个电脑,电脑连接采用nat方式 111电脑对于的ip地址设置如下 [root@localhost ~]# cd /etc/sysconfig/network-scri ...

  7. Javascript的单线程和异步编程

    运行时概念 下面的内容解释了一个理论上的模型.现代 JavaScript 引擎着重实现和优化了描述的几个语义. 可视化描述 栈 函数调用形成了一个栈帧. function foo(b) { var a ...

  8. Selenium+Python调Chrome浏览器时报Traceback (most recent call last): File "C:/Users/EDZ/Desktop/selenium_demo/demo001.py", line 12, in <module>

    上次使用Selenium+Python还是好几个月前了 今天想再用一下,结果写个打开网站的小demo报错,报错如下: 检查了一下,查看报错日志,应该是chrome版本和driver版本不一致导致的. ...

  9. druid18.1版本sing-server启动报错

    正文 昨天下载了一个18版本的driud打算在虚拟机探究一下,然后按照官网的启动方式启动了,每个失败.官网是/bin/start-micro-quickstart,我们去看他的单机启动配置 http: ...

  10. Python3-算法-冒泡排序

    冒泡排序 它重复地走访过要排序的数列,一次比较两个元素,如果他们的顺序错误就把他们交换过来,走访数列的工作是重复地进行直到没有再需要交换,也就是说该数列已经排序完成,这个算法的名字由来是因为越大的元素 ...