class Headers(): def __init__(self): self.Print = Print() self.logger = LoggingManager() def execute_all_func(self, target): self.get_headers(target) self.check_headers(target) def get_headers(self, target): data = "" try: req = requests.head(target) except requests.exceptions.MissingSchema as e: print("Non valid URL. Please specify a valid URL.") self.logger.error_log(e) exit() except Exception as e: print("Error occured while accessing headers.Check recon log") self.logger.recon_log(e) exit() for name, value in req.headers.items(): length = len(name) length = 50 - length data = data + name + ": ".rjust(length) + value + "\n" self.Print.printer(0, "Response Headers: ", data) def check_headers(self, target): req = requests.head(target) print("\n") self.Print.printer(0, "Response header Analysis: ", None) try: xssprotect = req.headers['X-XSS-Protection'] if xssprotect != '1; mode=block': self.Print.printer( 0, "X-XSS-Protection not set properly, XSS may be possible:", xssprotect) except: self.Print.printer( 0, "X-XSS-Protection not set, XSS may be possible", None) try: contenttype = req.headers['X-Content-Type-Options'] if contenttype != 'nosniff': self.Print.printer(0, "X-Content-Type-Options not set properly:", contenttype) except: self.Print.printer(0, "X-Content-Type-Options not set", None) try: hsts = req.headers['Strict-Transport-Security'] except: self.Print.printer( 0, "HSTS header not set, MITM attacks may be possible", None) try: csp = req.headers['Content-Security-Policy'] self.Print.printer(0, "Content-Security-Policy set: ", csp) except: self.Print.printer(0, "Content-Security-Policy missing", None)
class Headers: def __init__(self): self.Print = Print() self.logger = LoggingManager() def execute_all_func(self, target): self.get_headers(target) self.check_headers(target) def get_headers(self, target): data = "" try: req = requests.head(target) except requests.exceptions.MissingSchema as e: print("Non valid URL. Please specify a valid URL.") self.logger.error_log(e) exit() except Exception as e: print("Error occured while accessing headers.Check recon log") self.logger.recon_log(e) exit() for name, value in req.headers.items(): length = len(name) length = 50 - length data = data + name + ": ".rjust(length) + value + "\n" self.Print.printer(0, "Response Headers: ", data) def check_headers(self, target): req = requests.head(target) print("\n") self.Print.printer(0, "Response header Analysis: ", None) try: xssprotect = req.headers["X-XSS-Protection"] if xssprotect != "1; mode=block": self.Print.printer(0, "X-XSS-Protection not set properly, XSS may be possible:", xssprotect) except: self.Print.printer(0, "X-XSS-Protection not set, XSS may be possible", None) try: contenttype = req.headers["X-Content-Type-Options"] if contenttype != "nosniff": self.Print.printer(0, "X-Content-Type-Options not set properly:", contenttype) except: self.Print.printer(0, "X-Content-Type-Options not set", None) try: hsts = req.headers["Strict-Transport-Security"] except: self.Print.printer(0, "HSTS header not set, MITM attacks may be possible", None) try: csp = req.headers["Content-Security-Policy"] self.Print.printer(0, "Content-Security-Policy set: ", csp) except: self.Print.printer(0, "Content-Security-Policy missing", None)
class HTTPMethods(): def __init__(self): self.Print = Print() self.logger = LoggingManager() self.verbs = ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS', 'TRACE'] def test_allowed_methods(self, target): for verb in self.verbs: try: req = requests.request(verb, target) print(verb, req.status_code, req.reason) if verb == 'TRACE' and 'TRACE / HTTP' in req.text: self.Print.printer(1, "Cross Site Tracing found", None) except requests.exceptions.ConnectionError as e: print("CONNECT :: Connection error occured. Retry using https") self.logger.recon_log(e) except Exception as e: self.logger.recon_log(e) print("Error while testing allowed methords. Check recon log")
class Others(): # def __init__(self): def execute_all_func(self, target): self.logger = LoggingManager() self.websocket_tester(target) def websocket_tester(self, target): try: req = requests.get(target) check = ["ws://", "wss://", "WebSocket"] flag = str(req.text.encode('ascii', 'ignore')) except: print("Error while testing websockets. Check recon log for details\ .") self.logger.recon_log(e) for i in range(0, len(check)): for line in re.finditer(check[i], flag): print("=======================================================") print("Possible Attack: \n") print("Cross-Site WebSocket Hijacking (CSWSH)") print("Might be handy: http://ironwasp.org/cswsh.html") return
class Cookies(): """ """ def __init__(self): self.cookies = "" self.Print = Print() self.logger = LoggingManager() def execute_all_func(self, target): self.get_cookies(target) self.base64_check(target) def get_cookies(self, target): data = "" try: req = requests.get(target) self.cookies = req.cookies.items() except Exception as e: print("Error occured while accessing cookies. Check recon log") self.logger.recon_log(e) for name, value in self.cookies: length = len(name) length = 25 - length data = data + name + ": ".rjust(length) + value self.Print.printer(0, "Cookies: ", data) def base64_check(self, target): for name, value in self.cookies: try: flag = base64.decodestring( value.replace("%3D", "=").encode("ascii")).decode("cp437") length = len(name) length = 25 - length data = name + ": ".rjust(length) + flag self.Print.printer(0, "Base64 Encoded Cookies: (Attention!)", data) except binascii.Error as e: continue