VULNERABILITY_SCANNER

How to discover a vulnerability in a web application?

1. Go into every possible page.

2. Look for ways to send data to web application(URL + Forms).

3. Send payloads to discover vulnerabilities.

4. Analyze the response to check of the website is vulnerable.

->General steps are the same regardless of the vulnerability.

Class Scanner.

#!/usr/bin/env python

import requests

import re

from urllib.parse import urljoin

class Scanner:

    def __init__(self, url):

        self.target_url = url

        self.target_links = []

    def extract_links_from(self, url):

        response = requests.get(url)

        return re.findall('(?:href=")(.*?")', response.content.decode())

    def crawl(self, url):

        href_links = self.extract_links_from(url)

        for link in href_links:

            link = urljoin(url, link)

            if "#" in link:

                link = link.split("#")[0]

            if self.target_url in link and link not in self.target_links:

                self.target_links.append(link)

                print(link)

                self.crawl(link)

Vulnerability scanner.

#!/usr/bin/env python

import scanner

target_url = "http://10.0.0.45/mutillidae/"

vuln_scanner = scanner.Scanner(target_url)

vuln_scanner.crawl(target_url)

The Python program runs fine.

Polish the Python code using Default Parameters.

Class Scanner.

#!/usr/bin/env python

import requests

import re

from urllib.parse import urljoin

class Scanner:

    def __init__(self, url):

        self.target_url = url

        self.target_links = []

    def extract_links_from(self, url):

        response = requests.get(url)

        return re.findall('(?:href=")(.*?")', response.content.decode())

    def crawl(self, url=None):

        if url == None:

            url = self.target_url

        href_links = self.extract_links_from(url)

        for link in href_links:

            link = urljoin(url, link)

            if "#" in link:

                link = link.split("#")[0]

            if self.target_url in link and link not in self.target_links:

                self.target_links.append(link)

                print(link)

                self.crawl(link)

Vuln_scanner:

#!/usr/bin/env python

import scanner

target_url = "http://10.0.0.45/mutillidae/"

vuln_scanner = scanner.Scanner(target_url)

vuln_scanner.crawl()

Python Ethical Hacking - VULNERABILITY SCANNER(2)的更多相关文章

  1. Python Ethical Hacking - VULNERABILITY SCANNER(9)

    Automatically Discovering Vulnerabilities Using the Vulnerability Scanner 1. Modify the run_scanner ...

  2. Python Ethical Hacking - VULNERABILITY SCANNER(7)

    VULNERABILITY_SCANNER How to discover a vulnerability in a web application? 1. Go into every possibl ...

  3. Python Ethical Hacking - VULNERABILITY SCANNER(4)

    Extracting & Submitting Forms Automatically Target website:http://10.0.0.45/dvwa/vulnerabilities ...

  4. Python Ethical Hacking - VULNERABILITY SCANNER(8)

    Implementing Code To Discover XSS in Parameters 1. Watch the URL of the XSS reflected page carefully ...

  5. Python Ethical Hacking - VULNERABILITY SCANNER(3)

    Polish the Python code using sending requests in a session Class Scanner. #!/usr/bin/env python impo ...

  6. Python Ethical Hacking - VULNERABILITY SCANNER(1)

    HTTP REQUESTS BASIC INFORMATION FLOW The user clicks on a link. HTML website generates a request(cli ...

  7. Python Ethical Hacking - VULNERABILITY SCANNER(6)

    EXPLOITATION - XSS VULNS EXPLOITING XSS Run any javascript code. Beef framework can be used to hook ...

  8. Python Ethical Hacking - VULNERABILITY SCANNER(5)

    EXPLOITATION - XSS VULNS XSS - CROSS SITE SCRIPTING VULNS Allow an attacker to inject javascript cod ...

  9. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

随机推荐

  1. Mysq数据库索引(B-Tree索引)

    一.B-Tree索引的底层结构 所有的值都是按顺序存储的,并且每一个叶子页到根的距离相同,如图所示,B-Tree索引的底层数据结构一般是B+树,反应了MyISAM索引是如何工作的.     二.B-T ...

  2. cc32b_demo-32dk2j_cpp_纯虚函数与抽象类2-txwtech

    cc32b_demo-32dk2j_cpp_纯虚函数与抽象类2-txwtech //纯虚函数是用来继承用的//纯虚函数//抽象类-抽象数据类型//*任何包含一个或者多个纯虚函数的类都是抽象类//*不要 ...

  3. 微信小程序之后端处理

    首先,来看一下后端的关系图: 这边主要介绍PHP的一些基础语法等等,关于将php代码部署到SAE新浪云,大家可以参考这个链接:https://www.cnblogs.com/dhx96/p/65617 ...

  4. 容器中的Java堆大小调整:快速,轻松

    在上一篇博客中,我们已经看到Java进行了改进,可以根据正在运行的环境(即物理机或容器(码头工人))识别内存.java的最初问题是,它无法弄清楚它是否在容器中运行,并且它曾经为容器运行所在的整个硬件捕 ...

  5. Zookeeper客户端Apache Curator

    本文不对Zookeeper进行介绍,主要介绍Curator怎么操作Zookeeper. Apache Curator是Apache ZooKeeper的Java / JVM客户端库,Apache Zo ...

  6. Java WebService学习笔记 - Axis(一)

    WebService 简介 实际开发中,很多系统都是基于历史遗留系统进行开发,有时,这些系统基于不同的语言,如C,C++,C#,java,PHP等等.为了实现历史系统的再利用,或向外部程序暴露调用接口 ...

  7. Python3-cx_Oracle模块-数据库操作之Oracle

    模块安装 1.安装cx_Oracle模块之前必须要安装Oracle客户端,否则无法使用 2.系统上需要装有对应版本的c++编译套件(Linux下:g++ Windows下:VC++) 参考文档 htt ...

  8. 关于html属性中onSubmit事件属性的使用

    看到一段onSubmit事件属性的例子,如下: <!DOCTYPE html> <html> <head> <script> function vali ...

  9. ceph luminous版本的安装部署

    1. 前期准备   本次安装环境为:   ceph1(集群命令分发管控,提供磁盘服务集群) CentOs7.5 10.160.20.28   ceph2(提供磁盘服务集群) CentOs7.5 10. ...

  10. Redis高级特性介绍以及实例分析

    Redis基础类型回顾 转自:http://www.jianshu.com/p/af7043e6c8f9 String Redis中最基本,也是最简单的数据类型.注意,VALUE既可以是简单的Stri ...