Commit graph

48 commits

Author SHA1 Message Date
ekultek
cf2cc59022 fix for the intel AMT exploit checker (messed it up without realizing it) 2017-10-28 08:26:47 -05:00
ekultek
46fc2372c9 created a sitemap parser, will check for a page sitemap and save it if it is found, otherwise will just continue processing 2017-10-28 08:25:58 -05:00
ekultek
6ba7231e82 splitting the shell commands via shlex will make the commands more secure, and able to avoid most shell injection instances 2017-10-25 16:32:27 -05:00
ekultek
bdcc28b412 you are now successfully able to launch the sqlmap API automatically using the --auto flag (issue #58) 2017-10-25 13:26:20 -05:00
ekultek
c7fedc0165 fixed the nmap issues, it will run now it will also install itself if it's not there. working on sqlmap autostart (still). moved the function to create sqlmap and nmap arguments to settings.py. created two new scripts (one is still a work in progess) 2017-10-24 01:22:21 -05:00
ekultek
9cc673a05b some minor changes to the WhoIs lookup, trying to prevent it from displaying empty lists and dicts 2017-10-23 22:25:37 -05:00
ekultek
977564ae62 minor update where running through a file or dork would not allow you to parse webcache or pull all URLs, also updated some whois lookup info 2017-10-21 16:59:43 -05:00
ekultek
e2287391c3 created a whois lookup search. Will either display it in human readable form with the correct flags, or save the found information to a log file 2017-10-21 10:16:16 -05:00
ekultek
1c24a4b4af some minor edits done to the prorgam, grammar fixes, moved some functions, edited some things, nothing to major or important 2017-10-17 13:33:40 -05:00
ekultek
a909ac6c74 updating some doc strings, will be updating them more in time. just wanted to go ahead and start on them for now 2017-10-16 10:03:35 -05:00
ekultek
21398eaf8a patches an issue where the target refuses the connection (issue #97), also creates a way to run against the IP addresses of the hostname instead 2017-10-14 07:47:50 -05:00
ekultek
37f1669596 update to the geckodriver versions, it will extract the one that is correct for your system 2017-10-13 13:39:09 -05:00
ekultek
24cdc14e9e minor patch to catch the geckodriver error, happens when firefox is not compatible (issue #94) 2017-10-13 13:15:46 -05:00
ekultek
c35fddb4ce just cleaning up the parameters a little bit, not as messy now 2017-10-12 11:59:59 -05:00
ekultek
c008f93d16 multi-threading is broken, working on a fix, for now DO NOT use it 2017-10-12 10:43:13 -05:00
ekultek
799b6baba0 created some new extenstions and a threading flag for the admin panel finder 2017-10-11 17:47:18 -05:00
ekultek
e9f5b82d05 initial push for an issue (#58) where it would not auto start sqlmap, lots more work to be done so make sure you start the sqlmap server before the process 2017-10-11 14:36:34 -05:00
ekultek
80d9565585 files edited to reflect the move of the settings, errors, and tamper scripts folders 2017-10-10 17:01:13 -05:00
ekultek
b52f301358 branch issue fix #1 2017-10-07 09:34:03 -05:00
ekultek
671e77b984 patch for issue #49, bo longer need to restart the sqlmap API each iteration 2017-10-07 08:09:16 -05:00
ekultek
97b620aef4 initial fix for issue #49, still more work to be done 2017-10-05 21:21:51 -05:00
ekultek
008ee37362 minor edit to skip safe characters in encoding 2017-10-03 11:18:13 -05:00
ekultek
d813942c55 created three new tamper scripts and added warnings to other ones 2017-10-02 12:10:34 -05:00
ekultek
c618647eeb created three new tamper scripts and added warnings to other ones 2017-10-02 12:10:15 -05:00
ekultek
67a1738278 minor change to sqlmap scan, will not output '{}' if there are no arguments passed 2017-10-01 08:28:14 -05:00
ekultek
ceca62c4b4 auto issue creation, also caught an error, apparently it's really hard to understand tHAT SQLMAP NEEDS TO BE STARTED IN ORDER TO WORK 2017-09-30 08:01:40 -05:00
ekultek
f38ec5f65f adding support for python 3 (issue #7) if you find any issues with python3 please make an issue there 2017-09-29 14:28:53 -05:00
ekultek
3e4e37042a complete re-write of intel AMT bypass, proxy and user agent configuration added for issue #9 2017-09-29 13:58:46 -05:00
ekultek
024e660853 created a tamper script for URL encoding, created tamper warnings, minor update to search.py, bumped version number 2017-09-29 10:21:26 -05:00
ekultek
9de772204e creating tamper scripts for the XSS payloads 2017-09-28 11:16:48 -05:00
ekultek
83e0a5a436 updates to the XSS scanner, will successfully output if possible sqli is present or not, and only display the information once 2017-09-27 18:02:55 -05:00
ekultek
09d3bf1067 created a flag for you to pass a file to try attacks with, this way you can just attack the targets found after searching 2017-09-27 14:14:08 -05:00
ekultek
166e918223 patched the XSS scanner, should work better now 2017-09-27 10:35:39 -05:00
ekultek
90d3798a93 created an XSS scanner for issue #8 2017-09-26 12:56:35 -05:00
Thomas Perkins
ed4820b8ee Merge pull request #12 from cclauss/modernize-python2-code
Fix urllib imports for Python 3
2017-09-25 14:14:37 -05:00
cclauss
b708f5627f Modernize Python 2 code to get ready for Python 3 2017-09-25 21:06:02 +02:00
ekultek
6875605c98 patch for issue #2 install xvfb if it isn't there, also added it to the README requirements. 2017-09-25 11:08:32 -05:00
cclauss
73486352ec Simplify with dict comprehension
https://docs.python.org/2/tutorial/datastructures.html#dictionaries
2017-09-25 17:19:46 +02:00
ekultek
36259f3a12 created an admin page finder for the found URL's 2017-09-20 17:19:20 -05:00
ekultek
47561c3aab added the ability to create arguments for nmap 2017-09-18 15:25:42 -05:00
ekultek
3042b2e24c created a scan for Intel ME exploit 2017-09-13 16:38:54 -05:00
ekultek
ac89b9fc97 removed unused import 'time' 2017-09-11 09:45:39 -05:00
ekultek
5aa3b19ec7 increased scanning time, sqlmap will scan faster now and not sleep as long 2017-09-10 08:51:36 -05:00
ekultek
bc02651e78 edited so that the type in the output won't be messed up 2017-09-10 08:50:41 -05:00
ekultek
118c0f1d2d edited the warning message to tell people they need to restart the sqlmap API server each iteration 2017-09-09 08:36:47 -05:00
ekultek
a5e204731f edited the nmap scan, it will work successfully and skip if nothing is found 2017-09-08 14:26:29 -05:00
ekultek
b22180a82d minor change to output the current URL before sqlmap scan 2017-09-07 20:55:06 -05:00
ekultek
5432fdd15b initial release of Zeus - Advanced dork scanner 2017-09-07 12:54:16 -05:00