Merge branch 'main' of github.com:urchinsec/api-ninja into main
Showing
6 changed files
with
193 additions
and
23 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,37 @@ | ||
# api-ninja | ||
# API-NINJA V1 | ||
An automated penetration testing tool , that will help perform a basic enumeration upon a given API endpoint! | ||
|
||
# Quick start server in development environtment | ||
FLASK_APP=api_ninja FLASK_ENV=development flask run | ||
## Installation | ||
### Requirements:: | ||
``` | ||
pip3 install -r requirements.txt | ||
``` | ||
This should install all the requirements required to fully function. | ||
|
||
## Usage | ||
### Flask Web Server:: | ||
``` | ||
python3 app.py | ||
``` | ||
This should start the web server, Access it from your browser by requesting `http://127.0.0.1:5000/` | ||
It should look something like this: | ||
|
||
![api-ninja](https://user-images.githubusercontent.com/49201347/154808834-ec994fbf-79ad-458f-8e15-9a6a0eec5c43.png) | ||
|
||
### Scanning:: | ||
Now For the testing part , you shall input an api url with an endpoint attached to it, click scan , and it'll do the magic. | ||
|
||
![api-nina-work](https://user-images.githubusercontent.com/49201347/154809477-33048b93-dfb0-4cd7-a066-39cad7833117.png) | ||
|
||
We can go to `/output` endpoint and take alook at the exploit information about the server and we will get to see vulnerabilities upon the server version and all those things listed as seen below: | ||
|
||
![outputapi](https://user-images.githubusercontent.com/49201347/154809562-663e2e56-5a13-416f-806d-59207f77dfe9.png) | ||
|
||
## API-NINJA V2 | ||
1. Supports REST-API Penetration Testing | ||
2. A portal to access all reports | ||
3. More Vulnerability Testing Functionalities | ||
|
||
## CONTACTS:: | ||
1. [email protected] | ||
2. https://discord.gg/red66VCSEp |
Binary file not shown.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
from flask import Flask, render_template, request, jsonify | ||
from flask_bootstrap import Bootstrap | ||
from scanner import Scanner | ||
|
||
import json | ||
|
||
scanner = Scanner() | ||
|
||
app = Flask(__name__) | ||
Bootstrap(app) | ||
|
||
@app.route("/") | ||
def index(): | ||
return render_template("index.html") | ||
|
||
@app.route("/check", methods=["POST"]) | ||
def check_url(): | ||
check_result = scanner.full_scan(request.form["url"]) | ||
return render_template("index.html", check_result=check_result) | ||
|
||
@app.route("/output", methods=["GET"]) | ||
def output(): | ||
with open("output_exploit_search.json",'r') as exploitResult: | ||
read = exploitResult.readlines() | ||
read = jsonify(read) | ||
|
||
return read | ||
|
||
if __name__ == "__main__": | ||
app.run() |
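Review bot: `check_url` passes `request.form["url"]` to `scanner.full_scan` with no validation, and the scanner then issues several server-side `requests.get` calls to it, so anyone who can reach this Flask app can make it fetch loopback, link-local or internal hosts and see the `Server` header in the rendered page. Reject anything that is not an http(s) URL with a hostname before scanning, e.g. `parsed = urlparse(request.form.get("url", ""))` followed by `if parsed.scheme not in ("http", "https") or not parsed.hostname: abort(400)` (needs `abort` from flask and `urlparse` from `urllib.parse`), and consider an operator-configured allowlist of authorised targets. `output()` also fails on a fresh install because `output_exploit_search.json` does not exist until a scan has run, and `readlines()` plus `jsonify` returns a list of text lines rather than the JSON document; `json.load(exploitResult)` would use the `json` import that is otherwise unused.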
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
flask | ||
flask_bootstrap | ||
vulners |
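Review bot: This list omits packages that the scanner module in this same commit imports: `requests` and `Wappalyzer` both appear in its import block, so `pip3 install -r requirements.txt` on a clean environment leaves the scanner failing at import unless they happen to arrive transitively. Add `requests` and the distribution that provides the `Wappalyzer` module (published on PyPI as `python-Wappalyzer`; confirm against the environment the author used). None of the entries is pinned, so every install resolves whatever is latest; pinning versions, ideally with hashes, makes the tool's dependency set reproducible and reviewable.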
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,18 +1,110 @@ | ||
#!/usr/bin/python3 | ||
from Wappalyzer import Wappalyzer, WebPage | ||
import requests | ||
import vulners | ||
import json | ||
import os | ||
|
||
class Scanner: | ||
def full_scan(self, url): | ||
return { | ||
"checked_url": url, | ||
"technology": self.scan_for_technologies(url), | ||
"vuln": self.scan_for_vuln(url), | ||
"server_version": self.scan_for_server_version(url), | ||
"request_tamp": self.request_tamp(url), | ||
"exploit_info": self.exploit_info(url), | ||
"mitigation_info": self.mitigation_info(url) | ||
} | ||
|
||
def full_scan(self, url): | ||
return { | ||
"checked_url": url, | ||
"technology": self.scan_for_technologies(url), | ||
"vuln": self.scan_for_vuln(url), | ||
"server_version": self.scan_for_server_version(url) | ||
} | ||
def scan_for_technologies(self, url): | ||
webpage = WebPage.new_from_url(url) | ||
wappalyzer = Wappalyzer.latest() | ||
res = wappalyzer.analyze_with_versions_and_categories(webpage) | ||
|
||
def scan_for_technologies(self, url): | ||
return "Windows" | ||
return res | ||
|
||
def scan_for_vuln(self, url): | ||
test1 = Scanner.test_xss(url) | ||
test2 = Scanner.test_ssti(url) | ||
test3 = Scanner.test_htmli(url) | ||
|
||
def scan_for_vuln(self, url): | ||
return "RCE found" | ||
return f"{test1} , {test2} , {test3}" | ||
|
||
def scan_for_server_version(self, url): | ||
return "Server 2009" | ||
def scan_for_server_version(self, url): | ||
req = requests.get(url) | ||
headers = req.headers | ||
server = headers['Server'] | ||
|
||
return server | ||
|
||
def request_tamp(self, url): | ||
return "Not Spotted" | ||
|
||
def exploit_info(self,url): | ||
req = requests.get(url) | ||
headers = req.headers | ||
server = headers["Server"] | ||
|
||
VKey = "" # get api key by going to https://vulners.com | ||
VApi = vulners.Vulners(api_key=VKey) | ||
|
||
search = VApi.searchExploit(server) | ||
search = json.dumps(search,indent=2) | ||
|
||
os.system(f"touch output_exploit_search.json") | ||
with open(f"output_exploit_search.json","w") as exploitResult: | ||
exploitResult.writelines(search) | ||
|
||
return f"Result Written To output_exploit_search.json, Access by visiting `/output`" | ||
|
||
def mitigation_info(self, url): | ||
payloadxss = "<script>document.write('xss');</script>" | ||
payloadssti = "{{7*7}}" | ||
payloadhtmli = "<h1>htmlinjection</h1>" | ||
|
||
reqxss = requests.get(f"{url}{payloadxss}") | ||
reqssti = requests.get(f"{url}{payloadssti}") | ||
reqhtmli = requests.get(f"{url}{payloadhtmli}") | ||
|
||
if "xss" in reqxss.text and "49" in reqssti.text and "htmlinjection" in reqhtmli.text: | ||
return "SSTI,XSS, and HTMLinjection available can be prevented by reviewing the code and sanitizing the inputs" | ||
else: | ||
return "Check Through The Output" | ||
|
||
def test_ssti(url): | ||
payload = "{{7*7}}" | ||
fattempt = f"{url}{payload}" | ||
req = requests.get(fattempt) | ||
print(req.text) | ||
if req.status_code == 200: | ||
if "49" in req.text: | ||
return "SSTI(Server Side Template Injection)" | ||
else: | ||
return "" | ||
else: | ||
return "" | ||
|
||
def test_xss(url): | ||
fattempt = f"{url}<script>document.write('xss');</script>" | ||
req = requests.get(fattempt) | ||
if req.status_code == 200: | ||
if "xss" in req.text: | ||
print(req.text) | ||
return "XSS(Reflective)" | ||
else: | ||
return "" | ||
else: | ||
return "" | ||
|
||
def test_htmli(url): | ||
fattempt = f"{url}<h1 align='center' style='color:red;'>htmlinjection</h1>" | ||
req = requests.get(fattempt) | ||
if req.status_code == 200: | ||
if "htmlinjection" in req.text: | ||
print(req.text) | ||
return "HTML INJECTION" | ||
else: | ||
return "" | ||
else: | ||
return "" |
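Review bot: `scan_for_server_version` and `exploit_info` both index `headers['Server']` directly, so a target that omits the Server header raises KeyError and the whole `full_scan` (and the `/check` request behind it) fails; none of the `requests.get` calls in this section passes `timeout=`, so one unresponsive target can hang the worker indefinitely. In `exploit_info`, `VKey = ""` invites pasting a real Vulners key into a tracked file, and `os.system(f"touch output_exploit_search.json")` is redundant because `open(..., "w")` already creates the file. The fence below sketches `exploit_info` with those points addressed; the same `.get("Server")` and `timeout=` changes apply to `scan_for_server_version`, `mitigation_info` and the three `test_*` helpers. Separately, `"49" in req.text` in `test_ssti` and `mitigation_info` matches any response that happens to contain those digits, so results from these checks should be reported as unconfirmed. Old and new lines are interleaved without markers in this rendering, so this note reads the Wappalyzer/requests versions as the new code.

```python
def exploit_info(self, url):
    req = requests.get(url, timeout=10)
    server = req.headers.get("Server")
    if not server:
        return "No Server header returned; exploit search skipped"

    # Key comes from the environment so it never lands in the repository.
    # VULNERS_API_KEY is a suggested name, not one the project defines.
    VKey = os.environ.get("VULNERS_API_KEY", "")
    # … unchanged: vulners.Vulners(api_key=VKey), searchExploit, json.dumps …

    # open(..., "w") creates the file; the os.system("touch …") call is dropped.
    with open("output_exploit_search.json", "w") as exploitResult:
        exploitResult.write(search)
    # … unchanged: return message …
```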