Djangohunter - 用于帮助识别Django程序中暴露敏感信息的错误配置的工具

Djangohunter - 用于帮助识别Django程序中暴露敏感信息的错误配置的工具

Djangohunter

Tool designed to help identify incorrectly configured Django applications that are exposing sensitive information.

https://reddit.com/r/django/comments/87qcf4/28165_thousand_django_running_servers_are_exposed/ https://twitter.com/6ix7ine/status/978598496658960384?lang=en

Usage

Usage: python3 djangohunter.py --key {shodan}Dorks: 'DisallowedHost', 'KeyError', 'OperationalError', 'Page not found at /'

Requirements

ShodanPyfigletRequestsBeautifulSoup

pip install -r requirements.txt

Demo

Disclaimer

Code samples are provided for educational purposes. Adequate defenses can only be built by researching attack techniques available to malicious actors. Using this code against target systems without prior permission is illegal in most jurisdictions. The authors are not liable for any damages from misuse of this information or code.

Donations

XMR: 49m12JEEC6HPCHkLMX5QL4SrDQdKwh6eb4Muu8Z9CwA9MwemhzFQ3VcgHwyuR73rC22WCymTUyep7DVrfN3GPt5JBCekPrR

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。