def handle_single(info): info = copy.deepcopy(info) print('Module Nmap Scripts starting against %s' % info['target']) slack.send_module_start_notification_to_channel( info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'start') # We receive the url with http/https, we will get only the host so nmap works host = info['target'] if info['type'] == 'url': host = host.split('/')[2] outdated_software(info, host) web_versions(info, host) if info['invasive_scans']: if INT_USERS_LIST and INT_PASS_LIST: ssh_ftp_brute_login(info, host, True) #SHH sleep(10) ssh_ftp_brute_login(info, host, False) #FTP ftp_anon_login(info, host) #FTP ANON default_account(info, host) #Default creds in web console print('Module Nmap Scripts finished against %s' % info['target']) slack.send_module_end_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'end') return
def handle_target(info): info = copy.deepcopy(info) if info['nessus_scan'] and nessus: print('Module Nessus Scan starting against %s alive urls from %s' % (str(len(info['target'])), info['domain'])) slack.send_module_start_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'start') targets = len(info['target']) if targets > 0: url_list = info['target'] divider = targets//2 #Plain list for nessus scan urls = ','.join(get_only_url(l) for l in url_list[divider:]) sub_info = copy.deepcopy(info) sub_info['target'] = url_list[divider:] sub_info['nessus_target'] = urls scan_target(sub_info) #Plain list for nessus scan urls = ','.join(get_only_url(l) for l in url_list[:divider]) sub_info = copy.deepcopy(info) sub_info['target'] = url_list[:divider] sub_info['nessus_target'] = urls scan_target(sub_info) print('Module Nessus Scan Finished against %s alive urls from %s' % (str(len(info['target'])), info['domain'])) slack.send_module_end_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'end') return
def handle_target(info): info = copy.deepcopy(info) print('Module Nmap scripts starting against %s alive urls from %s' % (str(len(info['target'])), info['domain'])) slack.send_module_start_notification_to_channel( info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'start') scanned_hosts = list() for url in info['target']: sub_info = copy.deepcopy(info) sub_info['target'] = url try: host = url.split('/')[2] except IndexError: host = url if host not in scanned_hosts: outdated_software(sub_info, host) web_versions(sub_info, host) if sub_info['invasive_scans']: if INT_USERS_LIST and INT_PASS_LIST: ssh_ftp_brute_login(sub_info, host, True) #SHH sleep(10) ssh_ftp_brute_login(sub_info, host, False) #FTP ftp_anon_login(sub_info, host) #FTP ANON default_account(sub_info, host) #Default creds in web console scanned_hosts.append(host) print('Module Nmap Scripts finished against %s' % info['domain']) slack.send_module_end_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'end') return
def handle_target(info): info = copy.deepcopy(info) print('Module CORS Scan starting against %s alive urls from %s' % (str(len(info['target'])), info['domain'])) slack.send_module_start_notification_to_channel( info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'start') ROOT_DIR = os.path.dirname(os.path.abspath(__file__)) # We first put all the urls with http/s into a txt file random_filename = uuid.uuid4().hex FILE_WITH_URLS = ROOT_DIR + '/tools_output/' + random_filename + '.txt' for subdomain in info['target']: scan_info = copy.deepcopy(info) scan_info['target'] = subdomain with open(FILE_WITH_URLS, 'w') as f: f.write("%s\n" % subdomain) # Call scan target with the file scan_target(scan_info, FILE_WITH_URLS) # Delete all created files cleanup(FILE_WITH_URLS) print('Module CORS Scan finished against %s' % info['domain']) slack.send_module_end_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'end') return
def handle_single(info): info = copy.deepcopy(info) print('Module CORS Scan starting against %s' % info['target']) slack.send_module_start_notification_to_channel( info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'start') ROOT_DIR = os.path.dirname(os.path.abspath(__file__)) # Put urls in a single file random_filename = uuid.uuid4().hex FILE_WITH_URL = ROOT_DIR + '/tools_output/' + random_filename + '.txt' cleanup(FILE_WITH_URL) with open(FILE_WITH_URL, 'w') as f: f.write("%s\n" % info['target']) # Call scan target scan_target(info, FILE_WITH_URL) # Delete all created files cleanup(FILE_WITH_URL) print('Module CORS Scan finished against %s' % info['target']) slack.send_module_end_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'end') return
def handle_single(info): info = copy.deepcopy(info) print('Module Firebase Scan starting against %s' % info['target']) slack.send_module_start_notification_to_channel( info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'start') scan_target(info, info['target']) slack.send_module_end_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) print('Module Firebase Scan finished against %s' % info['target']) send_module_status_log(info, 'end') return
def handle_single(info): info = copy.deepcopy(info) if WAPPA_KEY: print('Module Libraries Scan starting against %s' % info['target']) slack.send_module_start_notification_to_channel( info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'start') analyze(info, info['target']) slack.send_module_end_notification_to_channel( info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) print('Module Libraries Scan finished against %s' % info['target']) send_module_status_log(info, 'end') return
def handle_single(info): info_copy = copy.deepcopy(info) if info_copy['acunetix_scan'] and acunetix and is_url(info_copy['target']): print('Module Acunetix Single Scan Starting against %s' % info_copy['target']) slack.send_module_start_notification_to_channel(info_copy, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info_copy, 'start') urls = [info_copy['target']] info_copy['target'] = urls scan_target(info_copy) print('Module Acunetix Single Scan Finished against %s' % info_copy['target']) slack.send_module_end_notification_to_channel(info_copy, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info_copy, 'end') return
def handle_target(info): info = copy.deepcopy(info) print('Module Token Finder starting against %s alive urls from %s' % (str(len(info['target'])), info['domain'])) slack.send_module_start_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'start') for url in info['target']: sub_info = copy.deepcopy(info) sub_info['target'] = url scan_target(sub_info, sub_info['target']) print('Module Token Finder finished against %s' % info['domain']) slack.send_module_end_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'end') return
def handle_single(info): info = copy.deepcopy(info) print('Module Nmap baseline starting against %s' % info['target']) slack.send_module_start_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'start') # We receive the url with http/https, we will get only the host so nmap works host = info['target'] if info['type'] == 'url': host = host.split('/')[2] basic_scan(info, host) print('Module Nmap baseline finished against %s' % info['target']) slack.send_module_end_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'end') return
def handle_target(info): info_copy = copy.deepcopy(info) if info_copy['acunetix_scan'] and acunetix: print('Module Acunetix Scan starting against %s alive urls from %s' % (str(len(info_copy['target'])), info_copy['domain'])) slack.send_module_start_notification_to_channel(info_copy, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info_copy, 'start') #We can have repeated urls differenced by http o https so we get only one (The https one's) full_list = remove_duplicates_if_exists(sorted(info_copy['target'],reverse=True)) info_for_scan = copy.deepcopy(info_copy) info_for_scan['target'] = full_list scan_target(info_for_scan) print('Module Acunetix Scan Finished against %s alive urls from %s' % (str(len(full_list)), info_copy['domain'])) slack.send_module_end_notification_to_channel(info_copy, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info_copy, 'end') return
def handle_single(info): info = copy.deepcopy(info) if info['nessus_scan'] and nessus and is_not_ip(info['target']): print('Module Nessus Single Scan Starting against %s' % info['target']) slack.send_module_start_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'start') url_plain = get_only_url(info['target']) info['nessus_target'] = url_plain info['target'] = list().append(info['target']) scan_target(info) slack.send_module_end_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) print('Module Nessus Scan Finished against %s' % info['nessus_target']) send_module_status_log(info, 'end') else: pass return
def handle_single(info): info = copy.deepcopy(info) # Url will come with http or https, we will strip and append ports that could have tls/ssl url = info['target'] slack.send_module_start_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'start') valid_ports = ['443'] split_url = url.split('/') try: final_url = split_url[2] except IndexError: final_url = url print('Module SSL/TLS starting against %s' % info['target']) for port in valid_ports: scan_target(info, url, final_url+':'+port) print('Module SSL/TLS finished against %s' % info['target']) slack.send_module_end_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'end') return
def handle_target(info): info = copy.deepcopy(info) print('Module HTTP Method Scan starting against %s alive urls from %s' % (str(len(info['target'])), info['domain'])) slack.send_module_start_notification_to_channel( info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'start') for url in info['target']: sub_info = copy.deepcopy(info) split_url = url.split('/') try: final_url = split_url[2] except IndexError: final_url = url sub_info['target'] = final_url scan_target(sub_info, sub_info['target']) print('Module HTTP Method Scan finished against %s' % info['domain']) slack.send_module_end_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'end') return
def handle_target(info): info = copy.deepcopy(info) print('Module SSL/TLS starting against %s alive urls from %s' % (str(len(info['target'])), info['domain'])) slack.send_module_start_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'start') valid_ports = ['443'] for url in info['target']: sub_info = copy.deepcopy(info) sub_info['target'] = url split_url = url.split('/') try: final_url = split_url[2] except IndexError: final_url = url for port in valid_ports: scan_target(sub_info, url, final_url+':'+port) print('Module SSL/TLS finished against %s' % info['domain']) slack.send_module_end_notification_to_channel(info, MODULE_NAME, SLACK_NOTIFICATION_CHANNEL) send_module_status_log(info, 'end') return