Exemplo n.º 1
def main(args):
    """Open a new ZAP session and hand every reachable URL to the scanner.

    Args:
        args: parsed command-line options. ``args.output`` is passed to
            ``utils.dir_exists`` and reused as the ZAP session name;
            ``args.input`` is given to ``utils.parse_webserver_urls``.
    """
    # Second argument is passed through to the helper as-is; presumably it
    # asks for the directory to be created -- confirm in utils.
    utils.dir_exists(args.output, True)

    # API key and proxy settings are read from the project's config module,
    # so the key itself never appears in this function.
    zap = ZAPv2(apikey=config.ZAP_API, proxies=config.ZAP_PROXIES)  # pylint: disable=unexpected-keyword-arg
    zap.core.new_session(args.output)

    for target in utils.parse_webserver_urls(args.input):
        # Only the first element of check_url's result is consulted; a
        # truthy value lets the URL through to the scan.
        if utils.check_url(target)[0]:
            run_zap_attack(target, zap)
Exemplo n.º 2
def main(args):
    """Open a new ZAP session and hand every reachable URL to the scanner.

    Returns early, after logging an error, when the session request fails
    with a proxy error.

    Args:
        args: parsed command-line options. ``args.output`` is passed to
            ``utils.dir_exists`` and reused as the ZAP session name;
            ``args.input`` is given to ``utils.parse_webserver_urls``.
    """
    utils.dir_exists(args.output, True)

    # API key and proxy settings are read from the project's config module.
    zap = ZAPv2(apikey=config.ZAP_API, proxies=config.ZAP_PROXIES)  # pylint: disable=unexpected-keyword-arg

    # Creating the session is the first call that talks to ZAP, so it is
    # where an unreachable instance shows up. Only ProxyError is handled
    # here; any other exception propagates to the caller.
    try:
        zap.core.new_session(args.output)
    except requests.exceptions.ProxyError:
        LOG.error("Couldn't attach to ZAP. Is it running?")
        return

    for target in utils.parse_webserver_urls(args.input):
        # Only the first element of check_url's result is consulted.
        if utils.check_url(target)[0]:
            run_zap_attack(target, zap)
Exemplo n.º 3
def main(args):
    """Run the TLS test command for each encrypted, reachable URL.

    Results are written under a ``testssl`` sub-folder of ``args.output``.

    Args:
        args: parsed command-line options; ``args.output`` is the parent
            report folder and ``args.input`` is given to
            ``utils.parse_webserver_urls``.
    """
    report_dir = os.path.join(args.output, "testssl")
    utils.dir_exists(report_dir, True)

    for target in utils.parse_webserver_urls(args.input):
        # URLs without encryption are skipped before any reachability check.
        if not utils.uses_encryption(target):
            LOG.debug("Skipping, no encryption: {}".format(target))
            continue
        # Only the first element of check_url's result is consulted.
        if not utils.check_url(target)[0]:
            continue

        LOG.info("Testing url: {}".format(target))
        # NOTE(review): the URL comes from the input file and ends up in a
        # command executed by run_commands.bash_command. Neither helper is
        # visible here -- confirm create_command quotes the URL before it
        # reaches a shell.
        command, html_target = create_command(target, report_dir)
        scan_text = run_commands.bash_command(command)
        saved_path = run_commands.create_html_file(scan_text, command, html_target)
        LOG.debug("Saving output to {}".format(saved_path))
Exemplo n.º 4
def main(args):
    """Distribute the input URLs over worker threads and wait for completion.

    Args:
        args: parsed command-line options; reads ``args.output_dir``,
            ``args.input_file`` and ``args.threads`` (number of workers).
    """
    # One list instance is handed to every worker.
    imaged_urls = []
    utils.dir_exists(args.output_dir, True)
    urls = utils.parse_webserver_urls(args.input_file)
    url_queue = Queue()

    # Workers are started before anything is queued.
    for _ in range(args.threads):
        worker = threading.Thread(
            target=process_queue,
            kwargs=dict(args=args,
                        url_queue=url_queue,
                        imaged_urls=imaged_urls,
                        urls=urls))
        # Daemon threads do not keep the interpreter alive on exit.
        worker.daemon = True
        worker.start()

    for pending in urls:
        url_queue.put(pending)

    # NOTE(review): join() returns only once every queued item has been
    # marked done. process_queue is not visible here -- confirm it calls
    # task_done() even when a URL fails, otherwise this call never returns.
    url_queue.join()
Exemplo n.º 5
def main(args):  # noqa
    """Scan each reachable URL and log a summary of the outcomes.

    Args:
        args: parsed command-line options; ``args.output_dir`` receives the
            reports and ``args.input`` is given to
            ``utils.parse_webserver_urls``.
    """
    utils.dir_exists(args.output_dir, True)
    run_update()

    # Result labels in the order they are compared against the scan result.
    labels = ("down", "403", "timeout", "not wordpress", "wordpress", "stackerror")
    tally = dict.fromkeys(labels, 0)
    tested = 0

    for target in utils.parse_webserver_urls(args.input):
        # Only the first element of check_url's result is consulted.
        if not utils.check_url(target)[0]:
            continue
        tested += 1
        # NOTE(review): the URL comes from the input file and is turned into
        # a command by create_command; neither helper is visible here --
        # confirm the URL is quoted if the command is run through a shell.
        command, html_output = create_command(target, args.output_dir)
        outcome = run_command_tee_aha(command, html_output)
        # Any result that matches none of the labels is counted as tested
        # but not tallied.
        for label in labels:
            if outcome == label:
                tally[label] += 1
                break

    LOG.info("Finished testing:")
    LOG.info("Total sites tested {} - (some sites skipped based on response)".format(tested))
    # Zero counts are left out of the summary, except the WordPress total.
    if tally["down"]:
        LOG.info("Websites that appeared to be down: {}".format(tally["down"]))
    if tally["timeout"]:
        LOG.info("Websites that timedout: {}".format(tally["timeout"]))
    if tally["403"]:
        LOG.info("Websites that responded with a 403: {}".format(tally["403"]))
    if tally["stackerror"]:
        LOG.info("Stack error received: {}".format(tally["stackerror"]))
    if tally["not wordpress"]:
        LOG.info("Websites that do not appear to be running WordPress: {}".format(tally["not wordpress"]))
    LOG.info("Total running WordPress: {}".format(tally["wordpress"]))
Exemplo n.º 6
def main(args):
    """Build and run the fingerprinting command for each reachable URL.

    Args:
        args: parsed command-line options; ``args.output`` receives the
            reports and ``args.input`` is given to
            ``utils.parse_webserver_urls``.
    """
    utils.dir_exists(args.output, True)
    for target in utils.parse_webserver_urls(args.input):
        # Only the first element of check_url's result is consulted.
        if not utils.check_url(target)[0]:
            continue
        # NOTE(review): create_command and run_whatweb are not visible here;
        # confirm the URL is quoted if the command is run through a shell.
        command, html_output = create_command(target, args.output)
        run_whatweb(command, html_output)
Exemplo n.º 7
def run_burp_on_webservers(url_file):
    """Call ``run_burp`` once for every URL parsed from *url_file*.

    Args:
        url_file: passed unchanged to ``parse_webserver_urls``.
    """
    # Every parsed URL is forwarded as-is; no filtering happens here.
    for target in parse_webserver_urls(url_file):
        run_burp(target)