Exemple #1
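    def get_web_application_info(self):
        """Request the target's base URL and run the web-application checks.

        One GET is sent to ``protocol://target:port`` (values taken from
        ``self.host``) with a 20 second timeout. The response headers are
        stored on ``self.headers``, the check helpers are called in a fixed
        order, and the response body is parsed so that URLs and forms can be
        collected from it.

        Raises:
            WebAppScannerException: if ``ConnectionError`` or
                ``TooManyRedirects`` is raised anywhere inside the block,
                including inside one of the helper calls. The original
                exception is attached as ``__cause__``.
        """
        session = self.request_handler.get_new_session()
        try:
            with session:
                # This first request doubles as the liveness probe: if the
                # target is not serving HTTP, it fails here.
                base_url = "{}://{}:{}".format(
                    self.host.protocol, self.host.target, self.host.port)
                response = session.get(timeout=20, url=base_url)

                # Stored before the helpers run; presumably they read
                # self.headers rather than re-requesting -- verify in helpers.
                self.headers = response.headers
                self._detect_cms()
                self._robots()
                self._sitemap()
                self._server_info()
                self._x_powered_by()
                self._cors_wildcard()
                self._xss_protection()
                self._anti_clickjacking()
                # The session's cookie jar is inspected after the request, so
                # it can include cookies set by this response.
                self._cookie_info(session.cookies)

                # The body comes from the scanned host and is untrusted; here
                # it is only parsed and handed to the URL and form collectors.
                soup = BeautifulSoup(response.text, "lxml")
                self._find_fuzzable_urls(soup)
                self._find_forms(soup)

        except (ConnectionError, TooManyRedirects) as e:
            # NOTE(review): a timeout that is not a ConnectionError subclass
            # would propagate unwrapped -- confirm which ConnectionError this
            # module imports.
            # Chain explicitly so the traceback keeps the network-level cause.
            raise WebAppScannerException(
                "Couldn't get response from server.\n"
                "Caused due to exception: {}".format(str(e))) from e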
Exemple #2
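    async def get_web_application_info(self):
        """Request the target's base URL and run the web-application checks.

        One GET is awaited against ``protocol://target:port`` (values taken
        from ``self.host``) with a 20 second timeout and
        ``self.request_headers`` as request headers. The response headers are
        stored on ``self.headers`` and the check helpers are then called
        synchronously, in a fixed order.

        Raises:
            WebAppScannerException: if ``ConnectionError`` or
                ``TooManyRedirects`` is raised anywhere inside the block,
                including inside one of the helper calls. The original
                exception is attached as ``__cause__``.
        """
        session = self.request_handler.get_new_html_session()
        try:
            with session:
                # This first request doubles as the liveness probe: if the
                # target is not serving HTTP, it fails here.
                base_url = "{}://{}:{}".format(
                    self.host.protocol, self.host.target, self.host.port)
                response = await session.get(
                    timeout=20,
                    url=base_url,
                    headers=self.request_headers)

                # Stored before the helpers run; presumably they read
                # self.headers rather than re-requesting -- verify in helpers.
                self.headers = response.headers
                # NOTE(review): these helpers are not awaited; if any of them
                # does blocking I/O it stalls the event loop -- confirm.
                self._detect_cms()
                self._robots()
                self._sitemap()
                self._server_info()
                self._x_powered_by()
                self._cors_wildcard()

                # Security response headers checked by name. What _has_header
                # reports is not visible here. When reading the results:
                # Strict-Transport-Security only takes effect over HTTPS, and
                # X-XSS-Protection is ignored by current browsers, so its
                # absence alone is low-signal next to Content-Security-Policy.
                self._has_header('X-Frame-Options')
                self._has_header('Content-Security-Policy')
                self._has_header('Strict-Transport-Security')
                self._has_header('X-Content-Type-Options')
                self._has_header('X-XSS-Protection')

        except (ConnectionError, TooManyRedirects) as e:
            # NOTE(review): a timeout that is not a ConnectionError subclass
            # would propagate unwrapped -- confirm which ConnectionError this
            # module imports.
            # Chain explicitly so the traceback keeps the network-level cause.
            raise WebAppScannerException(
                "Couldn't get response from server.\n"
                "Caused due to exception: {}".format(str(e))) from e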