An automated penetration testing tool , that automates web vulnerabilities testing upon a URL given with a parameter
pip3 install -r requirements.txt
This should install all the requirements required to fully function.
You need to create a config
file and put in your secret key and SQLAlchemy URL as an example:
SECRET_KEY = 'somesecretgoesherepewpew333'
SQLALCHEMY_DATABASE_URI = 'sqlite:///db.sqlite'
VULN_KEY = 'keyhere'
SHODAN_API_KEY = 'keyhere'
WHOISXMLAPI_KEY = 'keyhere'
You can generate your Shodan API from shodan's official website , and vulners from https://vulners.com , whoisxmlapi from https://whoisxmlapi.com
Now to finally run it up :
python3 starter.py
And the it will start the flask web server , then you can access it from the web by visiting http://localhost:5000/
then you will need to log in , where the default creds admin:admin
:
Now in the main page you can put in a URL with an endpoint that you want to test , and then click on scan and it'll perform the magic.
Then the user can change the password by navigating to the profile tab , and setting the username he wants as well as the password.
This is an example of scanning https://api.github.com/users
but it's best you put something with an endpoint and parameter , since this is a parameter tester :) , As seen below are the output:
Another Example:
We have a new tab which is Post Based
, and it's underdevelopment.
You can visit /output
to check the output of possible exploits found from exploit-db.
You can visit /subdomains
to check the output of subdomains available under the domain provided at first.
You can visit /domain
to get information about the domain hosting the web application.
FUNCTIONALITIES::
Below are the vulnerabilities that can be tested currently:
- XSS (Cross Site Scripting)
- HTML injection
- SSTI (Server Side Template Injection)
- OS Command Injection
- LFI (Local File Inclusion)
- SQL injection
- SSRF (Server Side Request Forgery)
- Directory Traversal
- Open Redirection
- Anonymous FTP Login (if exists an FTP Service)
More Vulnerability testing functions will be added soon:)
The tool performs 10 core functions as of now, and these are:
- Determine Technologies Used
- Find Vulnerabilities
- Check Web Server Type
- Get Domain Information
- Perform Ports Enumeration
- Pull DNS Records
- Get Suspicious Directories
- Perform Subdomain Enumeration
- Provide Exploit Information Upon Technologies Used
- Provide Mitigation Information Accordingly To The Exploits
LOGO ArtWork By witchdocsec