Dependencies:

- scrapy: `sudo pip install scrapy`
- python requests module
- pip: `sudo apt-get install python-pip`

MainScanner.py runs the crawler, then scans for various vulnerability categories, writing the findings to ./vulnerabilities/*.json and POC exploit scripts to ./scripts/

Usage:

```
python MainScanner.py
```

The crawler follows all `<a>` tags and submits all `<form>` tags, recording every GET request with query parameters and every request generated from a `<form>`.

Usage:

```
scrapy crawl main -o targets.json
```

Sample output targets.json:

```json
[
{"action": "http://target.com/commandinjection/commandinjection.php", "inputs": [{"name": "host"}], "method": "POST"},
{"action": "http://target.com/sqli/sqli.php", "inputs": [{"name": "username"}], "method": "POST"},
{"action": "http://target.com/csrf/csrf.php", "inputs": [{"name": "secret"}, {"name": "csrftoken"}], "method": "POST"},
{"action": "http://target.com/serverside/serverside.php", "inputs": [{"name": "page"}], "method": "GET"},
{"action": "http://target.com/directorytraversal/directorytraversal.php", "inputs": [{"name": "ascii"}], "method": "GET"}
]
```
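As an added example (not part of this project), a small Python script that loads a targets.json in the shape above, validates each record, and summarises the crawled attack surface per URL path, flagging POST forms that carry no token-like input as candidates for a CSRF review. The embedded records, the `TOKEN_HINTS` name heuristic and the function names are constructed assumptions, not the scanner's own logic.

```python
import json
from urllib.parse import urlsplit

# Constructed sample in the crawler's targets.json shape (action / inputs / method); the host is a placeholder.
SAMPLE_TARGETS = """[
{"action": "http://target.com/commandinjection/commandinjection.php", "inputs": [{"name": "host"}], "method": "POST"},
{"action": "http://target.com/sqli/sqli.php", "inputs": [{"name": "username"}], "method": "POST"},
{"action": "http://target.com/csrf/csrf.php", "inputs": [{"name": "secret"}, {"name": "csrftoken"}], "method": "POST"},
{"action": "http://target.com/serverside/serverside.php", "inputs": [{"name": "page"}], "method": "GET"},
{"action": "http://target.com/directorytraversal/directorytraversal.php", "inputs": [{"name": "ascii"}], "method": "GET"}
]"""

# Input names that usually indicate an anti-CSRF token (assumption: a heuristic, not the project's rule).
TOKEN_HINTS = ("csrf", "token", "nonce")
REQUIRED_KEYS = {"action", "inputs", "method"}

def load_targets(text):
    """Parse targets.json and reject records that do not match the crawler's shape."""
    targets = json.loads(text)
    for i, t in enumerate(targets):
        missing = REQUIRED_KEYS - set(t)
        if missing:
            raise ValueError(f"target {i} is missing keys: {sorted(missing)}")
        t["method"] = t["method"].upper()
    return targets

def has_token_input(target):
    """True if any input name on the form looks like an anti-CSRF token."""
    return any(h in inp["name"].lower() for inp in target["inputs"] for h in TOKEN_HINTS)

def summarize(targets):
    """Group user-controlled parameters by URL path so the crawled surface can be reviewed."""
    summary = {}
    for t in targets:
        path = urlsplit(t["action"]).path
        entry = summary.setdefault(path, {"methods": set(), "params": set(), "csrf_token": False})
        entry["methods"].add(t["method"])
        entry["params"].update(inp["name"] for inp in t["inputs"])
        entry["csrf_token"] = entry["csrf_token"] or has_token_input(t)
    return summary

def state_changing_without_token(targets):
    """POST endpoints with no token-like input: review candidates, not proof of a bug."""
    return sorted(urlsplit(t["action"]).path for t in targets
                  if t["method"] == "POST" and not has_token_input(t))

if __name__ == "__main__":
    for path, info in summarize(load_targets(SAMPLE_TARGETS)).items():
        print(path, sorted(info["methods"]), sorted(info["params"]), "token" if info["csrf_token"] else "no-token")
    print("POST without token:", state_changing_without_token(load_targets(SAMPLE_TARGETS)))
```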
- Using sqlmap
- Getting a PHP page's source code
- Stealing /etc/passwd
- Forcing redirection to https://status.github.com/messages
- Injecting `uname -a`