def main(args): utils.dir_exists(args.output, True) zap = ZAPv2(apikey=config.ZAP_API, proxies=config.ZAP_PROXIES) # pylint: disable=unexpected-keyword-arg # Create new session zap.core.new_session(args.output) urls = utils.parse_webserver_urls(args.input) for url in urls: if not utils.check_url(url)[0]: continue run_zap_attack(url, zap)
def main(args): utils.dir_exists(args.output, True) zap = ZAPv2(apikey=config.ZAP_API, proxies=config.ZAP_PROXIES) # pylint: disable=unexpected-keyword-arg # Create new session try: zap.core.new_session(args.output) except requests.exceptions.ProxyError: LOG.error("Couldn't attach to ZAP. Is it running?") return urls = utils.parse_webserver_urls(args.input) for url in urls: if not utils.check_url(url)[0]: continue run_zap_attack(url, zap)
def main(args): testssl_folder = os.path.join(args.output, "testssl") utils.dir_exists(testssl_folder, True) for url in utils.parse_webserver_urls(args.input): if not utils.uses_encryption(url): LOG.debug("Skipping, no encryption: {}".format(url)) continue if not utils.check_url(url)[0]: continue LOG.info("Testing url: {}".format(url)) testssl_command, html_output = create_command(url, testssl_folder) text_output = run_commands.bash_command(testssl_command) html_output = run_commands.create_html_file(text_output, testssl_command, html_output) LOG.debug("Saving output to {}".format(html_output))
def main(args): imaged_urls = [] utils.dir_exists(args.output_dir, True) urls = utils.parse_webserver_urls(args.input_file) url_queue = Queue() for _ in range(args.threads): t = threading.Thread(target=process_queue, kwargs={ 'args': args, 'url_queue': url_queue, 'imaged_urls': imaged_urls, 'urls': urls, }) t.daemon = True t.start() for current_url in urls: url_queue.put(current_url) url_queue.join()
def main(args): # noqa utils.dir_exists(args.output_dir, True) run_update() tested = 0 down = 0 timeout = 0 received_403 = 0 not_wordpress = 0 wordpress = 0 stackerror = 0 for url in utils.parse_webserver_urls(args.input): if utils.check_url(url)[0]: tested += 1 command, html_output = create_command(url, args.output_dir) results = run_command_tee_aha(command, html_output) if results == "down": down += 1 elif results == "403": received_403 += 1 elif results == "timeout": timeout += 1 elif results == "not wordpress": not_wordpress += 1 elif results == "wordpress": wordpress += 1 elif results == "stackerror": stackerror += 1 LOG.info("Finished testing:") LOG.info("Total sites tested {} - (some sites skipped based on response)".format(tested)) if down != 0: LOG.info("Websites that appeared to be down: {}".format(down)) if timeout != 0: LOG.info("Websites that timedout: {}".format(timeout)) if received_403 != 0: LOG.info("Websites that responded with a 403: {}".format(received_403)) if stackerror != 0: LOG.info("Stack error received: {}".format(stackerror)) if not_wordpress != 0: LOG.info("Websites that do not appear to be running WordPress: {}".format(not_wordpress)) LOG.info("Total running WordPress: {}".format(wordpress))
def main(args): utils.dir_exists(args.output, True) for url in utils.parse_webserver_urls(args.input): if utils.check_url(url)[0]: command, html_output = create_command(url, args.output) run_whatweb(command, html_output)
def run_burp_on_webservers(url_file): urls = parse_webserver_urls(url_file) for url in urls: run_burp(url)