def run_nikto(url_dict, output_dir, proxy, screenshot=False):
html_path = os.path.join(
output_dir, f"nikto_{url_dict['domain']}_{url_dict['port']}.html")
csv_path = os.path.join(
output_dir, f"nikto_{url_dict['domain']}_{url_dict['port']}.csv")
if proxy:
log.info(f"Using proxy: {proxy}")
command_text = NIKTO_PROXY_COMMAND
else:
command_text = NIKTO_COMMAND
command = command_text.format(domain=url_dict['domain'],
port=url_dict['port'],
root=url_dict['root'],
ssl=url_dict['ssl'],
output=csv_path,
proxy=proxy)
log.info('Running command: {}'.format(command))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command,
html_path)
if html_output and screenshot:
log.info(
"Creating a screenshot of the output and saving it to {}".format(
screenshot))
utils.dir_exists(screenshot, True)
utils.selenium_image(html_output, screenshot)
if not html_output:
log.error("Didn't receive a response from running the command.")
def main(output, url, no_screenshot, proxy):
os.makedirs(output, exist_ok=True)
output_dir = output
output = os.path.join(output, "nmap_sT_common_{}".format(url))
if proxy:
command = """nmap -sT --proxy-type socks5h --proxy {proxy} -oA {output} {url}""".format(
output=output, url=url, proxy=proxy)
else:
command = """nmap -sT -oA {output} {url}""".format(output=output,
url=url)
LOG.info("Running the command: {}".format(command))
file_name = "nmap_sT_common_{}.html".format(url)
html_path = os.path.join(output_dir, file_name)
LOG.info("Saving output to: {}".format(html_path))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command,
html_path)
if html_output and not no_screenshot:
screenshot_path = os.path.join(output_dir, "screenshots")
LOG.info(
"Creating a screenshot of the output and saving it to {}".format(
screenshot_path))
utils.dir_exists(screenshot_path, True)
utils.selenium_image(html_output, screenshot_path)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def run_testssl(url, output, no_screenshot, proxy):
if not utils.uses_encryption(url):
return
parsed_url = urlparse(url)
port = '443'
if parsed_url.port:
port = str(parsed_url.port)
html_path = os.path.join(output, f"testssl_{parsed_url.netloc}_{port}.html")
csv_output = os.path.join(output, f"testssl_{parsed_url.netloc}_{port}.csv")
if os.path.isfile(csv_output):
LOG.info("CSV file already exists, deleting it.")
os.remove(csv_output)
if proxy:
command = f"testssl --warnings off --csvfile {csv_output} --proxy {proxy} {url}"
else:
command = f"testssl --warnings off --csvfile {csv_output} {url}"
LOG.info('Running command: {}'.format(command))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command, html_path)
if html_output and not no_screenshot:
screenshot_path = os.path.join(output, "screenshots")
LOG.info("Creating a screenshot of the output and saving it to {}".format(screenshot_path))
utils.dir_exists(screenshot_path, True)
utils.selenium_image(html_output, screenshot_path)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def main(args):
LOG.info("Running nikto for {}".format(args.url))
parsed_url = urlparse(args.url)
netloc = parsed_url.netloc
# if non-standard port break it up.
if ":" in netloc:
domain = netloc.split(":")[0]
port = netloc.split(":")[1]
# otherwise port is based on scheme
else:
domain = netloc
if parsed_url.scheme == 'http':
port = '80'
else:
port = '443'
if parsed_url.scheme == 'https':
ssl = " -ssl"
else:
ssl = ""
if parsed_url.path:
root = " -root " + parsed_url.path
else:
root = ""
command = NIKTO_COMMAND.format(domain=domain, port=port, root=root, ssl=ssl)
netloc = urlparse(args.url).netloc
domain = netloc.split(":")[0]
html_path = os.path.join(args.output, "nikto_{}.html".format(domain))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command, html_path)
if html_output and args.screenshot:
LOG.info("Creating a screenshot of the output and saving it to {}".format(args.screenshot))
utils.dir_exists(args.screenshot, True)
utils.selenium_image(html_output, args.screenshot)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def main(args):
LOG.info("Running whatweb for {}".format(args.url))
if args.proxy:
# command = 'whatweb -v -a 3 --proxy {proxy} --user-agent "{ua}" {url}'.format(
# ua=USER_AGENT, url=args.url, proxy=args.proxy)
command = [
'whatweb', '-v', '-a', '3', '--proxy', args.proxy, '--user-agent',
'"' + USER_AGENT + '"', args.url
]
else:
# command = 'whatweb -v -a 3 --user-agent "{ua}" {url}'.format(ua=USER_AGENT, url=args.url)
command = [
'whatweb', '-v', '-a', '3', '--user-agent', '"' + USER_AGENT + '"',
args.url
]
LOG.info(command)
netloc = urlparse(args.url).netloc
domain = netloc.split(":")[0]
html_path = os.path.join(args.output, "whatweb_{}.html".format(domain))
text_output = run_commands.bash_command(command, split=False)
html_output = run_commands.create_html_file(text_output, command,
html_path)
# text_output = run_commands.bash_command(command_string, split=False)
# html_output = run_commands.create_html_file(text_output, command_string, html_path)
if html_output and args.screenshot:
LOG.info(
"Creating a screenshot of the output and saving it to {}".format(
args.screenshot))
utils.dir_exists(args.screenshot, True)
utils.selenium_image(html_output, args.screenshot)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def main(args):
LOG.info("Running nmap with http-methods script for {}".format(args.url))
parsed_url = urlparse(args.url)
netloc = parsed_url.netloc
# if non-standard port break it up.
if ":" in netloc:
domain = netloc.split(":")[0]
port = netloc.split(":")[1]
# otherwise port is based on scheme
else:
domain = netloc
if parsed_url.scheme == 'http':
port = '80'
else:
port = '443'
if parsed_url.path:
command = "nmap --script http-methods --script-args http-methods.url-path='{path}' -p {port} {domain}".format(
path=parsed_url.path, port=port, domain=domain)
else:
command = "nmap --script http-methods -p {port} {domain}".format(
port=port, domain=domain)
LOG.info(f"Running command: {command}")
html_path = os.path.join(args.output,
"http_methods_{}.html".format(domain))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command,
html_path)
if html_output and args.screenshot:
utils.selenium_image(html_output, args.screenshot)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def main(args):
LOG.info("Running whois for {}".format(args.domain))
command = "whois -H {domain}".format(domain=args.domain)
html_path = os.path.join(args.output, "whois_{}.html".format(args.domain))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command, html_path)
if html_output and args.screenshot:
LOG.info("Creating a screenshot of the output and saving it to {}".format(args.screenshot))
utils.selenium_image(html_output, args.screenshot)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def run_escan(ips_file, output_dir, screenshot=False):
html_path = os.path.join(output_dir, "eternal_scan.html")
command = f'escan -ck {ips_file}'
LOG.info('Running command: ' + command)
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command, html_path)
if html_output and screenshot:
LOG.info("Creating a screenshot of the output and saving it to {}".format(screenshot))
utils.dir_exists(screenshot, True)
utils.selenium_image(html_output, screenshot)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def main(args):
LOG.info("Running yasuo")
command = "yasuo.rb -s /opt/yasuo/signatures.yaml -f {nmap_xml} -t 10".format(
nmap_xml=args.input)
LOG.info("Running the command: {}".format(command))
html_path = os.path.join(args.output, "yasuo.html")
LOG.info("Saving output to: {}".format(html_path))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command,
html_path)
if html_output and args.screenshot:
utils.selenium_image(html_output, args.screenshot)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def run_brute(args):
rc_brute = os.path.join(args.ptfolder, "rc_files/recon_brute.rc")
command = "recon-ng -r {}".format(rc_brute)
LOG.info("Running the command: {}".format(command))
file_name = "recon_brute.html"
html_path = os.path.join(args.output, file_name)
LOG.info("Saving output to: {}".format(html_path))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command, html_path)
if html_output and args.screenshot:
utils.selenium_image(html_output, args.screenshot, x=800, y=800,
cropx=-10, cropy=-100, sleep=2, bottom=True)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def process_queue(webserver_queue, nikto_folder, args):
while True:
webserver = webserver_queue.get()
url = "{}://{}:{}".format(webserver['service_name'], webserver['ipv4'],
webserver['port'])
if not utils.check_url(url)[0]:
continue
LOG.debug("Working on url: {}:{}".format(webserver['ipv4'],
webserver['port']))
command, html_path = create_command(webserver, nikto_folder,
args.proxy)
text_output = run_commands.bash_command(command)
run_commands.create_html_file(text_output, command, html_path)
webserver_queue.task_done()
continue
def main(args):
LOG.info("Running uniscan on {}".format(args.url))
netloc = urlparse(args.url).netloc
domain = netloc.split(":")[0]
url = urlparse(args.url).scheme + "://" + netloc + urlparse(args.url).path
command = "uniscan -u {url} -qweds".format(url=url)
html_path = os.path.join(args.output, "uniscan_{}.html".format(domain))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command, html_path)
if html_output and args.screenshot:
LOG.info("Creating a screenshot of the output and saving it to {}".format(args.screenshot))
utils.dir_exists(args.screenshot, True)
utils.selenium_image(html_output, args.screenshot)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def main(args):
LOG.info("Running theHarvester")
os.makedirs(args.output, exist_ok=True)
output = os.path.join(args.output, "harvester.html")
command = """theHarvester -d {domain} -b all -l 100 -f {output}""".format(
domain=args.domain, output=output)
LOG.info("Running the command: {}".format(command))
file_name = "harvester_output.html"
html_path = os.path.join(args.output, file_name)
LOG.info("Saving output to: {}".format(html_path))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command, html_path)
if html_output and args.screenshot:
utils.selenium_image(html_output, args.screenshot)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def run_wpscan(url, output_dir, screenshot=False):
html_path = os.path.join(output_dir,
f"wpscan_{url['domain']}_{url['port']}.html")
command = WPSCAN_COMMAND.format(url=url['url'])
LOG.info('Running command: {}'.format(command))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command,
html_path)
if html_output and screenshot:
LOG.info(
"Creating a screenshot of the output and saving it to {}".format(
screenshot))
utils.dir_exists(screenshot, True)
utils.selenium_image(html_output, screenshot)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def main(args):
LOG.info("Running nmap")
os.makedirs(args.output, exist_ok=True)
output = os.path.join(args.output, "nmap_sT_common")
command = """nmap -sT -oA {output} -iL {input_file}""".format(
output=output, input_file=args.input)
LOG.info("Running the command: {}".format(command))
file_name = "nmap_sT_common.html"
html_path = os.path.join(args.output, file_name)
LOG.info("Saving output to: {}".format(html_path))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command, html_path)
if html_output and args.screenshot:
utils.selenium_image(html_output, args.screenshot)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def main(args):
testssl_folder = os.path.join(args.output, "testssl")
utils.dir_exists(testssl_folder, True)
for url in utils.parse_webserver_urls(args.input):
if not utils.uses_encryption(url):
LOG.debug("Skipping, no encryption: {}".format(url))
continue
if not utils.check_url(url)[0]:
continue
LOG.info("Testing url: {}".format(url))
testssl_command, html_output = create_command(url, testssl_folder)
text_output = run_commands.bash_command(testssl_command)
html_output = run_commands.create_html_file(text_output,
testssl_command,
html_output)
LOG.debug("Saving output to {}".format(html_output))
def main(args):
LOG.info("Running wafw00f for {}".format(args.url))
command = "wafw00f -a {url}".format(url=args.url)
netloc = urlparse(args.url).netloc
domain = netloc.split(":")[0]
html_path = os.path.join(args.output, "wafw00f_{}.html".format(domain))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command,
html_path)
if html_output and args.screenshot:
LOG.info(
"Creating a screenshot of the output and saving it to {}".format(
args.screenshot))
utils.dir_exists(args.screenshot, True)
utils.selenium_image(html_output, args.screenshot)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def main(output, url, no_screenshot, proxy):
if proxy:
command = "wafw00f -a -p {proxy} {url}".format(proxy=proxy, url=url)
else:
command = "wafw00f -a {url}".format(url=url)
LOG.info("Running wafw00f command: {}".format(command))
netloc = urlparse(url).netloc
domain = netloc.split(":")[0]
html_path = os.path.join(output, "wafw00f_{}.html".format(domain))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command, html_path)
if html_output and not no_screenshot:
screenshot_path = os.path.join(output, "screenshots")
LOG.info("Creating a screenshot of the output and saving it to {}".format(screenshot_path))
utils.dir_exists(screenshot_path, True)
utils.selenium_image(html_output, screenshot_path)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def main(args):
LOG.info("Running dirb for {}".format(args.url))
netloc = urlparse(args.url).netloc
domain = netloc.split(":")[0]
command = "dirb {url} /usr/share/wordlists/dirbuster/directory-list-lowercase-2.3-small.txt -S".format(
url=args.url)
html_path = os.path.join(args.output, "dirb_{}.html".format(domain))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command,
html_path)
if html_output and args.screenshot:
LOG.info(
"Creating a screenshot of the output and saving it to {}".format(
args.screenshot))
utils.dir_exists(args.screenshot, True)
utils.selenium_image(html_output, args.screenshot)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def run_whatweb(url, output_dir, screenshot=False):
parsed_url = urlparse(url)
port = parsed_url.port
if not port:
if parsed_url.scheme == 'http':
port = '80'
else:
port = '443'
html_path = os.path.join(output_dir, f"whatweb_{parsed_url.netloc}_{port}.html")
command = WHATWEB_COMMAND.format(url=url)
LOG.info('Running command: {}'.format(command))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command, html_path)
if html_output and screenshot:
LOG.info("Creating a screenshot of the output and saving it to {}".format(screenshot))
utils.dir_exists(screenshot, True)
utils.selenium_image(html_output, screenshot)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def main(args):
LOG.info("Running gobuster for {}".format(args.url))
netloc = urlparse(args.url).netloc
domain = netloc.split(":")[0]
if args.proxy:
command = PROXY_COMMAND.format(url=args.url, proxy=args.proxy)
else:
command = COMMAND.format(url=args.url)
html_path = os.path.join(args.output, "gobuster_{}.html".format(domain))
text_output = run_commands.bash_command(command)
html_output = run_commands.create_html_file(text_output, command,
html_path)
if html_output and args.screenshot:
LOG.info(
"Creating a screenshot of the output and saving it to {}".format(
args.screenshot))
utils.dir_exists(args.screenshot, True)
utils.selenium_image(html_output, args.screenshot)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
def main(args):
LOG.info("Running whatweb for {}".format(args.url))
command_string = 'whatweb -v -a 3 --user-agent {ua} {url}'.format(
ua=USER_AGENT, url=args.url)
command = 'whatweb -v -a 3 --user-agent'.split()
command += [USER_AGENT, args.url]
LOG.info(command_string)
netloc = urlparse(args.url).netloc
domain = netloc.split(":")[0]
html_path = os.path.join(args.output, "whatweb_{}.html".format(domain))
text_output = run_commands.bash_command(command, split=False)
html_output = run_commands.create_html_file(text_output, command_string,
html_path)
if html_output and args.screenshot:
LOG.info(
"Creating a screenshot of the output and saving it to {}".format(
args.screenshot))
utils.dir_exists(args.screenshot, True)
utils.selenium_image(html_output, args.screenshot)
if not html_output:
LOG.error("Didn't receive a response from running the command.")
