Spaghetti - Web应用程序安全扫描程序（spaghetti可数吗）

Spaghetti - Web应用程序安全扫描程序（spaghetti可数吗）

WAScan - Web Application Scanner

Note: building of a new version is underway...

WAScan ((W)eb (A)pplication (Scan)ner) is a Open Source web application security scanner. It is designed to find various vulnerabilities using "black-box" method, that means it won't study the source code of web applications but will work like a fuzzer, scanning the pages of the deployed web application, extracting links and forms and attacking the scripts, sending payloads and looking for error messages,..etc. WAScan is built on python2.7 and can run on any platform which has a Python environment.

Features

Fingerprint

Content Management System (CMS) -> 6Web Frameworks -> 22Cookies/Headers SecurityLanguages -> 9Operating Systems (OS) -> 7Server -> ALLWeb App Firewall (WAF) -> 50+

Attacks

Bash Commands InjectionBlind SQL InjectionBuffer OverflowCarriage Return Line FeedSQL Injection in HeadersXSS in HeadersHTML InjectionLDAP InjectionLocal File InclusionOS CommandingPHP Code InjectionSQL InjectionServer Side InjectionXPath InjectionCross Site ScriptingXML External Entity

Audit

Apache Status PageOpen RedirectPHPInfoRobots.txtXST

Bruteforce

Admin PanelCommon BackdoorCommon Backup DirCommon Backup FileCommon DirCommon FileHidden Parameters

Disclosure

Credit CardsEmailsPrivate IPErrors -> (fatal errors,...)SSN

Installation

$ git clone https://github.com/m4ll0k/WAScan.git wascan$ cd wascan $ pip install BeautifulSoup$ python wascan.py

Usage

Fingerprint:

$ python wascan.py --url http://xxxxx.com/ --scan 0

Attacks:

$ python wascan.py --url http://xxxxx.com/index.php?id=1 --scan 1

Audit:

$ python wascan.py --url http://xxxxx.com/ --scan 2

Bruteforce:

$ python wascan.py --url http://xxxxx.com/ --scan 3

Disclosure:

$ python wascan.py --url http://xxxxx.com/ --scan 4

Full Scan:

$ python wascan.py --url http://xxxxx.com --scan 5

Bruteforce Hidden Parameters:

$ python wascan.py --url http://xxxxx.com/test.php --brute

Advanced Usage

$ python wascan.py --url http://xxxxx.com/test.php --scan 5 --auth "admin:1234"$ python wascan.py --url http://xxxxx.com/test.php --scan 5 --data "id=1" --method POST$ python wascan.py --url http://xxxxx.com/test.php --scan 5 --auth "admin:1234" --proxy xxx.xxx.xxx.xxx $ python wascan.py --url http://xxxxx.com/test.php --scan 5 --auth "admin:1234" --proxy xxx.xxx.xxx.xxx --proxy-auth "root:4321"$ python wascan.py --url http://xxxxx.com/test.php --scan 5 --auth "admin:1234" --proxy xxx.xxx.xxx.xxx --proxy-auth "root:4321 --ragent -v

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。