mirror of
https://github.com/Ekultek/Zeus-Scanner.git
synced 2026-03-11 08:55:51 +00:00
updated modsecurity and created a new waf scripts for wordfence
This commit is contained in:
parent
c91ba86fef
commit
2639eeadef
3 changed files with 24 additions and 6 deletions
|
|
@ -1,4 +1,4 @@
|
|||
6b7b3eac4bcb0bf320973a2e5cf5078e ./zeus.py
|
||||
2f22501746b4af13bc1d6f2dec5a013b ./zeus.py
|
||||
4b32db388e8acda35570c734d27c950c ./etc/scripts/launch_sqlmap.sh
|
||||
6ad5f22ec4a6f8324bfb1b01ab6d51ec ./etc/scripts/cleanup.sh
|
||||
155c9482f690f1482f324a7ffd8b8098 ./etc/scripts/fix_pie.sh
|
||||
|
|
@ -23,11 +23,12 @@ ca6935a72fd0527d15a78a17a35e56e8 ./bin/drivers/geckodriver-v0.19.0-linux64.tar.
|
|||
07cd383c8aef8ea5ef194a506141afd6 ./bin/drivers/geckodriver-v0.19.0-linux32.tar.gz
|
||||
6ea65a0160c21e144e92334acc2e3667 ./lib/firewall/anquanbao.py
|
||||
34b946ab1f9aaac397ba77d5f8c132b1 ./lib/firewall/cloudflare.py
|
||||
1b5a2a7161db77ba570a629d25cb4055 ./lib/firewall/modsecurity.py
|
||||
1d65a5d7708a3b365f3a518ae7064304 ./lib/firewall/modsecurity.py
|
||||
6b370050b40d8c1d2221424f756c7842 ./lib/firewall/paloalto.py
|
||||
60973a0c2e34108dfb32c89ad46477b6 ./lib/firewall/sucuri.py
|
||||
ea6e622b8eaf83b4f717020b91530e71 ./lib/firewall/webseal.py
|
||||
783973a4c6af58907f6dbfe1b274c59c ./lib/firewall/generic.py
|
||||
c3f01fc8ff7dfe7759f63bf16b00f127 ./lib/firewall/wordfence.py
|
||||
785c28da8b681a7e23964f99118b5aab ./lib/tamper_scripts/obfuscateordinal_encode.py
|
||||
10bf1bc4ef0287d31633148fab557e8a ./lib/tamper_scripts/uppercase_encode.py
|
||||
5b68de0ce3a783b870921b09b5222146 ./lib/tamper_scripts/hex_encode.py
|
||||
|
|
@ -50,14 +51,14 @@ d41d8cd98f00b204e9800998ecf8427e ./lib/attacks/__init__.py
|
|||
7272a7fd0b0c2e9192bc4adb6154d2f0 ./lib/attacks/sqlmap_scan/__init__.py
|
||||
aa7268a8f085734a6c577c86440f7a1b ./lib/attacks/sqlmap_scan/sqlmap_opts.py
|
||||
d41d8cd98f00b204e9800998ecf8427e ./lib/attacks/whois_lookup/__init__.py
|
||||
d8fab18b15d1546f6585fe926c27868f ./lib/attacks/whois_lookup/whois.py
|
||||
9b2bd4904ec2385eb38a3b6cd59dbc99 ./lib/attacks/whois_lookup/whois.py
|
||||
3917cdce61918f3992fc682105367ce8 ./lib/attacks/admin_panel_finder/__init__.py
|
||||
b50e4b7fb9fdef374c00b7ab0ef913e9 ./lib/attacks/xss_scan/__init__.py
|
||||
27358f26bda30d7356143c3ea1fa99c5 ./lib/attacks/nmap_scan/__init__.py
|
||||
21faf4679cdeaa731029a48f8963d6e7 ./lib/attacks/nmap_scan/nmap_opts.py
|
||||
1faa2b5dfad6eb538bbfe42942d2a9da ./lib/core/errors.py
|
||||
d41d8cd98f00b204e9800998ecf8427e ./lib/core/__init__.py
|
||||
7d0c06f6bcbc8a9e024e433a94426913 ./lib/core/settings.py
|
||||
11b1a4ae775662b6f40a2d60fec9ffc2 ./lib/core/settings.py
|
||||
e25de81c51e5572d29e3e161dd35f41d ./lib/header_check/__init__.py
|
||||
d41d8cd98f00b204e9800998ecf8427e ./var/google_search/__init__.py
|
||||
2a7c4285914548b86593e6e000bdab32 ./var/google_search/search.py
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
import re
|
||||
|
||||
|
||||
__item__ = "ModSecurity: Open Source Web Application Firewall (Trustwave)"
|
||||
__item__ = "ModSecurity: Open Source Web Application Firewall"
|
||||
|
||||
|
||||
def detect(content, **kwargs):
|
||||
|
|
@ -9,7 +9,8 @@ def detect(content, **kwargs):
|
|||
detection_schema = (
|
||||
re.compile(r"ModSecurity|NYOB", re.I),
|
||||
re.compile(r"This error was generated by Mod_Security", re.I),
|
||||
re.compile(r"Web Server at", re.I)
|
||||
re.compile(r"Web Server at", re.I),
|
||||
re.compile(r"page you are (accessing|trying)? (to|is)? (access)? (is|to)? (restricted)?", re.I)
|
||||
)
|
||||
for detection in detection_schema:
|
||||
if detection.search(content) is not None:
|
||||
|
|
|
|||
|
|
@ -0,0 +1,16 @@
|
|||
import re
|
||||
|
||||
|
||||
__item__ = "Wordfence (Feedjit)"
|
||||
|
||||
|
||||
def detect(content, **kwargs):
|
||||
content = str(content)
|
||||
detection_schema = (
|
||||
re.compile(r"Generated by Wordfence", re.I),
|
||||
re.compile(r"Your access to this site has been limited", re.I),
|
||||
re.compile(r"<.+>Wordfence<.+.>", re.I)
|
||||
)
|
||||
for detection in detection_schema:
|
||||
if detection.search(content) is not None:
|
||||
return True
|
||||
Loading…
Reference in a new issue