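def modules_scan(url, method, headers, body, scanid=None):
    '''Scanning API using different engines.

    Reads the scan policy, records the number of enabled modules against
    ``scanid`` (only when one was supplied) and then runs every enabled
    engine in turn, marking each custom module complete in the scan status
    once its check returns.

    ``url``, ``method``, ``headers`` and ``body`` describe the request under
    test and are handed to every engine unchanged; ``scanid`` is the key
    used for status bookkeeping and may be ``None``.

    Exits the process with status 1 when ``read_scan_policy()`` returns
    ``None`` (the policy could not be read).
    '''
    attack = read_scan_policy()
    if attack is None:
        # print() form runs unchanged on both Python 2 and Python 3.
        print("Failed to start scan.")
        sys.exit(1)

    def enabled(key):
        # A policy file that omits a key used to raise KeyError part-way
        # through the scan, after earlier modules had already reported
        # status; a missing key now simply means "not enabled".
        return attack.get(key) in ('Y', 'y')

    if scanid is not None:
        enabled_count = sum(1 for value in attack.values()
                            if value in ('Y', 'y'))
        update_scan_status(scanid, "", enabled_count)

    if enabled('zap'):
        api_scan = zap_scan()
        if zap_start() is True:
            api_scan.start_scan(url, method, headers, body, scanid)
        # NOTE(review): a zap_start() failure silently skips the ZAP engine
        # and nothing here records that in the scan status — confirm the
        # caller can tell "ZAP not run" apart from "ZAP found nothing".

    # Custom modules scan: (policy key, scanner callable, status label),
    # executed in the original order. The XXE scanner is an object and is
    # only instantiated when its module is actually enabled.
    custom_modules = (
        ('cors', cors_main, "cors"),
        ('Broken auth', auth_check, "auth"),
        ('Rate limit', rate_limit, "Rate limit"),
        ('csrf', csrf_check, "csrf"),
        ('jwt', jwt_check, "jwt"),
        ('sqli', sqli_check, "sqli"),
        ('xss', xss_check, "xss"),
        ('open-redirection', open_redirect_check, "open-redirection"),
        ('xxe', lambda *req: xxe_scan().xxe_test(*req), "xxe"),
        ('crlf', crlf_check, "crlf"),
    )
    for key, run_module, label in custom_modules:
        if not enabled(key):
            continue
        run_module(url, method, headers, body, scanid)
        # As before, the status is updated even when scanid is None, and a
        # module counts as complete once it returns, whatever it found.
        update_scan_status(scanid, label)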
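def modules_scan(url, method, headers, body, scanid=None):
    '''Scanning API using different engines.

    Reads the scan policy, allocates a scan id when none was given, records
    the number of enabled modules against it and then runs every enabled
    engine in turn. Each custom module runs under ``handleException`` and is
    marked complete in the scan status once that wrapper returns.

    ``url``, ``method``, ``headers`` and ``body`` describe the request under
    test and are handed to every engine unchanged; ``scanid`` is the key
    used for status bookkeeping (generated via ``generate_scanid()`` when
    ``None``).

    Exits the process with status 1 when ``read_scan_policy()`` returns
    ``None`` (the policy could not be read).
    '''
    attack = read_scan_policy()
    if attack is None:
        print("Failed to start scan.")
        sys.exit(1)

    if scanid is None:
        scanid = generate_scanid()

    def enabled(key):
        # A policy file that omits a key (e.g. one written before
        # 'security_headers' existed) used to raise KeyError part-way through
        # the scan; a missing key now simply means "not enabled".
        return attack.get(key) in ('Y', 'y')

    enabled_count = sum(1 for value in attack.values() if value in ('Y', 'y'))
    update_scan_status(scanid, "", enabled_count)

    if enabled('zap'):
        api_scan = zap_scan()
        if zap_start() is True:
            api_scan.start_scan(url, method, headers, body, scanid)
        # NOTE(review): a zap_start() failure silently skips the ZAP engine
        # and nothing here records that in the scan status — confirm the
        # caller can tell "ZAP not run" apart from "ZAP found nothing".

    # Custom modules scan: (policy key, scanner callable, handleException
    # label, status label), executed in the original order. The XXE scanner
    # is an object; instantiating it inside the wrapped callable means a
    # constructor failure is handled like any other module failure instead
    # of aborting the remaining modules.
    custom_modules = (
        ('cors', cors_main, "CORS", "cors"),
        ('Broken auth', auth_check, "Authentication", "auth"),
        ('Rate limit', rate_limit, "Rate limit", "Rate limit"),
        # Label was "CSRf"; corrected to match the other upper-case labels.
        ('csrf', csrf_check, "CSRF", "csrf"),
        ('jwt', jwt_check, "JWT", "jwt"),
        ('sqli', sqli_check, "SQL injection", "sqli"),
        ('xss', xss_check, "XSS", "xss"),
        ('open-redirection', open_redirect_check, "Open redirect",
         "open-redirection"),
        ('xxe', lambda *req: xxe_scan().xxe_test(*req), "XXE", "xxe"),
        ('crlf', crlf_check, "CRLF", "crlf"),
        ('security_headers', security_headers_missing, "security_headers",
         "security_headers"),
    )
    for key, run_module, exc_label, status_label in custom_modules:
        if not enabled(key):
            continue
        handleException(
            lambda: run_module(url, method, headers, body, scanid), exc_label)
        # NOTE(review): if handleException swallows the module's exception,
        # the module is still marked complete here, so a check that crashed
        # is indistinguishable in the status from one that ran clean —
        # confirm handleException's contract before relying on this status.
        update_scan_status(scanid, status_label)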