Commit graph

29 commits

Author SHA1 Message Date
ekultek
1bfac89266 removed the gist lookup, it will be reimplemented in the furture, but for now there's to many problems with it (issue #285) 2017-12-15 09:46:36 -06:00
ekultek
b16a9c184a getting rid of the '...' at the end of the output string, got sick of typing it os now it won't be there anymore 2017-12-07 07:27:20 -06:00
ekultek
6e3d4b98f8 these updates should patch issue #245 and issue #252, seems that the error just wasn't being caught 2017-12-06 21:13:12 -06:00
ekultek
b86db8008f update for an issue #233, #234, #235 and #237. issue was with Tor (proxy 127.0.0.1:9050) needed a higher timeout for it 2017-12-06 10:48:58 -06:00
ekultek
4c5b1538f3 will now detect the website character encoding, attempt to detect firewalls, attempt to detect plugins, also will now only use 1 request (2 if firewall is detected) 2017-12-06 09:38:57 -06:00
ekultek
bc053b5dcf will now detect the website character encoding, attempt to detect firewalls, attempt to detect plugins, also will now only use 1 request (2 if firewall is detected) 2017-12-06 09:37:46 -06:00
ekultek
151d44beff patch for an issue where the status code was in the wrong place issue #219 2017-12-02 11:23:48 -06:00
ekultek
083e541284 fixes a bunch of bugs, plus some annoying output that shouldn't be showing up, including but not limited to issue #202 and issue #203 2017-12-01 11:05:53 -06:00
ekultek
5de72f5d33 fixes a bunch of connection bugs including issue #191, also fixes some issues with WAF identification 2017-11-30 13:23:18 -06:00
ekultek
c0382bdb17 created a timeout class that will timeout a function if it takes to long, added the timeout to the nmap scan, if it takes over 2 minutes it will timeout, you can increase the timeout with the --time-sec flag 2017-11-29 11:48:12 -06:00
ekultek
f3dd7c567b will now save potential SQLi vulnerable websites to a log file during the header check (if the check throws a dbms error) 2017-11-28 13:07:23 -06:00
ekultek
97187c07f0 fixes issue #173 crawler will ignore SSL certificates, fixes #174 caches the found firewall into memory, incase we run across it again we don't waste our time trying to discover it, fixes #175 and #176 if there are unicode chars in the value it will not be saved 2017-11-28 08:14:47 -06:00
ekultek
4c496b265c one more patch for the generic WAF detection script, another private report, will not detect Apache now 2017-11-27 13:45:15 -06:00
ekultek
4651fcd2ac major patch for an issue with the firewall identification (private report) it was super unreliable, should work better now 2017-11-27 13:09:53 -06:00
ekultek
e662cb4a00 created an interactive pause that you will be able to skip or exit from 2017-11-25 20:00:23 -06:00
ekultek
3225387157 fixed the x-forwarded-for header in the header checking 2017-11-24 07:03:10 -06:00
ekultek
6f62049eb8 optimization for the time it takes to load the program, should be quicker now, created a search for public PGP keys will take your sites domain and search for any public PGP keys it can find, renamed some files to make more sense 2017-11-22 15:07:24 -06:00
ekultek
9eca1950cb created constants of all the log filenames, adjusted files accordingly 2017-11-20 14:04:11 -06:00
ekultek
fd4c89ffb8 created a common.py file and drafted write_to_log_file into it, also created an HTTP_HEADER class that will be used instead of repeating myself, fixed everything accordingly 2017-11-20 11:43:27 -06:00
ekultek
6f6663b453 added a new header to the check to see if they have protection against MITM attacks (Public-Key-Pins) 2017-11-14 19:40:21 -06:00
ekultek
beaa69f7af added a few new WAF scripts (issue #142) squid proxy IDS, cloudfront, minor updates to modsecurity 2017-11-14 13:54:52 -06:00
ekultek
a805afd1fa minor update so that it will not keep pulling the Apache server error, this way it will truly only pull what it believes are WAF/IDS/IPS's 2017-11-13 20:46:26 -06:00
ekultek
f2cad88415 initial push for issue #142, created a few WAF scripts to detect, will also save the fingerprint of the WAF script if the protection is declared to be generic 2017-11-12 19:13:00 -06:00
ekultek
cec5a4c7c5 will now save discovered cookies to a log file 2017-11-11 16:02:34 -06:00
ekultek
d4d6630f59 patches an error where if you are unable to retrieve the headers it will fail, will not just output that it is unable to retreive the headers (issue #141) 2017-11-11 06:25:33 -06:00
ekultek
3db01c4dcf will only display the headers that are equipped for protection and will no longer prompt you if you want to continue, a warning should be enough, fixed a new line issue in an inof message 2017-11-10 11:00:21 -06:00
ekultek
150ebef721 will now save all headers to the log file 2017-11-09 14:40:23 -06:00
ekultek
864983250f when a header is present it will now display as a warning instead of an error 2017-11-08 13:57:45 -06:00
ekultek
b5ca0225b6 created a header check whilst running attacks. if a protection header is found in the headers found, it will prompt you and warn you 2017-11-07 14:52:57 -06:00