Restructure run_on_url

[TotallyNotChase]

This PR separates many of the tasks in run_on_url (inside Scanner.py) to be a function of their own. It also implements a few common functions that the code can use instead of having multiple instances of the same snippet. (e.g final_report, count_results).

The function store_results (Not created by me) has also been called inside final_report. It was not being used before. So I sure hope it works correctly.

Note : This PR does not change/fix/improve anything except code readability. There are still bugs/unhandled exceptions that exist. I see a lot of flaws in the diff implementation, especially when alerts are not being addressed. The PR to fix these will be seperate.

[TotallyNotChase]

This should close #18

[M4cs]

Thanks Chase! This looks really good. One equestion. Have you tested it at all on something like xss-game? You can find the example link in the menu startup.

[TotallyNotChase]

I've tested this and as I mentioned this does not FIX the already present problems (see #21). It does not however add any other problems.

I've a working version right now but I have not pushed it because I wanna do this one by one. Also I need to know how diff is being used before I can make a working change, I can only make it work without diff for now.

See, diff is quite flawed.....

It returns true if the sources are same, not different. Which is fine I guess, except-

It's being used to check whether they are different, as in this if statement supposedly wants isDifferent to be true only when the sources are different. So that's an oversight. Also Difflib is a better choice for checking deltas I believe, just comparing the direct sources is not going to do us any good.

I'll push the working versions right today but I must make a request, allow me to suspend this diff function for now, a lot of work needs to be done to finish it before we can make it live.

[M4cs]

Yes for sure, feel free to suspend the diff module. Its not working correctly it seems anyways.

[TotallyNotChase]

Alright, I merged a working version to this PR. Here's the things I've changed -

id.send_keys(Keys.ENTER)
    try:
        new = self.driver.find_element_by_css_selector('button').click()
    except ElementNotInteractableException:
        pass

Every payload comes with a newline already with it (as I checked from debug). Hence that ENTER key send is useless and only raises unwanted exceptions so I removed that. I also removed the try - except block and it's contents because that one needs work to be usable.

A disclaimer on it's current state of working, this is for the payloads that work perfectly-

However, there are a bunch of payloads that either have syntax error or some other error in them. I suggest you check these out -

We can merge this build right now though. I'll be working on improving the HTML scan now, creating a webelement_list everytime inside a loop isn't very effective anyway. Also check out the code in Scanner.py a bit. Dropped some questions there :)

[M4cs]

Merging, looks good! Thanks for the contribution. The URL variable is the straight URL passed in. I did this so that if they have cookies it will render the normal webpage that they'd request and then add the cookies to that.