Commit graph

274 commits

Author SHA1 Message Date
ekultek
1fd3f281e7 updates to cloudflare, sucuri WAF scripts, added AWS waf script (issue #142) 2017-11-14 16:07:26 -06:00
ekultek
beaa69f7af added a few new WAF scripts (issue #142) squid proxy IDS, cloudfront, minor updates to modsecurity 2017-11-14 13:54:52 -06:00
ekultek
5df541f8b4 new checksums for the changed files 2017-11-14 12:55:18 -06:00
ekultek
e1897912cc parses the black list on multiple searches now as well, will prompt you or continue 2017-11-14 12:55:03 -06:00
ekultek
6f05a8e656 bumped version number, added return True to the blacklist parsing 2017-11-14 12:54:22 -06:00
ekultek
885fe2e43f created a new WAF script for powerful firewall (mybb plugin issue #142) 2017-11-14 12:53:54 -06:00
ekultek
55b1285809 multiple tamper scripts now implemented (issue #149), checks if the status code is a 404 before saying it's XSS vulnerable (issue #147) 2017-11-14 11:46:14 -06:00
ekultek
10987c4e14 can now search multiple pages with a random dork using the -r flag (issue #146) 2017-11-14 11:15:02 -06:00
ekultek
f820f7ec7a new md5sums for the changed files 2017-11-13 20:46:51 -06:00
ekultek
a805afd1fa minor update so that it will not keep pulling the Apache server error, this way it will truly only pull what it believes are WAF/IDS/IPS's 2017-11-13 20:46:26 -06:00
ekultek
c4af51be6d created a blacklist, when a dork pulls no URLs it will add it to a blacklist, if the dork is in the blacklist and you use it again, it will prompt you if you want to continue or not 2017-11-13 20:45:32 -06:00
ekultek
651c0f4498 better fix for warnings, they won't show up now 2017-11-13 20:44:19 -06:00
ekultek
9cb82a7096 minor update to webseal WAF script, will better recognize now 2017-11-13 20:43:41 -06:00
ekultek
5d9de51a57 minor edit to a dork that had unicode in it 2017-11-13 20:43:13 -06:00
ekultek
2639eeadef updated modsecurity and created a new waf scripts for wordfence 2017-11-13 14:35:46 -06:00
ekultek
c91ba86fef patches an issue where warnings would be display (issue #145) 2017-11-13 14:35:24 -06:00
ekultek
ef97ce7094 fix or an issue when an error occurs during the WhoIs lookup it will exit (issue #144) 2017-11-13 14:29:32 -06:00
ekultek
d4c1e2dc1c patch for an issue where the firefox profile would fail, will now specify the binary path if you hit this error (issue #143) 2017-11-13 09:48:02 -06:00
ekultek
f2cad88415 initial push for issue #142, created a few WAF scripts to detect, will also save the fingerprint of the WAF script if the protection is declared to be generic 2017-11-12 19:13:00 -06:00
ekultek
1eb861ae16 patch for a reported issue (private) where if there are no URL's left it will keep going until it hits the max page, will now stop 2017-11-11 16:30:03 -06:00
ekultek
cec5a4c7c5 will now save discovered cookies to a log file 2017-11-11 16:02:34 -06:00
ekultek
77bc6dc956 multiple page searching no longer requires Google's API, you can now perform as many requests as you want and get as many links as you want as long as it does not go over 500 pages. Removed a couple dependencies that needed to be there for Google's API 2017-11-11 15:11:06 -06:00
ekultek
11976b7018 minor updates, removed the dict args option in sqlmaphook and fixed some output coloring issues 2017-11-11 15:09:20 -06:00
ekultek
22f622b549 new checksums for the edited files 2017-11-11 10:44:06 -06:00
ekultek
17c5771eac minor adjustments to the coding style, nothing that will cause any problems 2017-11-11 10:43:50 -06:00
ekultek
ed3d15c26f threading has been enabled on admin panel finder, be careful when going over 10 threads, you will be warned if you go over 2017-11-11 10:43:19 -06:00
ekultek
0046932f60 moved intel AMT bypass code to the deprecated folder and added it to the gitignore 2017-11-11 10:42:17 -06:00
ekultek
d4d6630f59 patches an error where if you are unable to retrieve the headers it will fail, will not just output that it is unable to retreive the headers (issue #141) 2017-11-11 06:25:33 -06:00
ekultek
b35f8afe3b is now able to parse sqlmap configuration files, so if you have a saved conf file from sqlmap that you like to use, you can use it here with the --sqlmap-conf flag 2017-11-10 14:30:01 -06:00
ekultek
7747f58700 patch for a privatley reported issue where enumerating a certain file would only allow you to run the latest log file, no matter what file was passed, will now allow you to run any file you want and if nothing is passed will run the latest log file 2017-11-10 13:32:06 -06:00
ekultek
e99a49bafb bumped the version number of the latest stable download link 2017-11-10 11:06:02 -06:00
ekultek
7eb4e8bbf4 new checksums for the files, removed intel from the checksum 2017-11-10 11:04:49 -06:00
ekultek
802f593695 intel AMT bypass is now suppressed from the help menu, full batch functionality added, intel AMT will be completely removed by version 1.3 2017-11-10 11:04:24 -06:00
ekultek
c740eb6e74 full batch functionality added to the searching 2017-11-10 11:03:12 -06:00
ekultek
70b5612f07 deprecated intel AMT bypass scanner, full batch functionality implemented, edited the deprecation method so it will no longer try to connect to the function, added extracted to the skip schema when writing log files, created a way to display the question with the default choice displayed as well, welcome to version 1.2 2017-11-10 11:02:30 -06:00
ekultek
3db01c4dcf will only display the headers that are equipped for protection and will no longer prompt you if you want to continue, a warning should be enough, fixed a new line issue in an inof message 2017-11-10 11:00:21 -06:00
ekultek
33ac2f961a same as admin panel, full batch functionaility has been implemented 2017-11-10 10:59:16 -06:00
ekultek
d5575b51ec has been deprecated, code will be moved to a deprecated folder inside of etc/deprecated by version 1.3 2017-11-10 10:58:45 -06:00
ekultek
c6c27f8b26 created full batch functionality for the admin panel finder, will display the default if batch is requested 2017-11-10 10:58:11 -06:00
ekultek
150ebef721 will now save all headers to the log file 2017-11-09 14:40:23 -06:00
ekultek
4ac02a8ff1 patch for a reported issue where saving the files would save over the important logs, such as url-log-1 -> url-log(1), blackwidow-log-1 -> blackwidow-log(1) (privatley reported) 2017-11-09 10:57:51 -06:00
ekultek
49cfc78d9e patch for an issue where I rolled back a search setting 2017-11-09 08:31:29 -06:00
ekultek
f8623a59ea edited the checksums for the files 2017-11-09 08:27:02 -06:00
ekultek
e490a1903c removed safe search enabled setting in Google API search 2017-11-09 08:26:50 -06:00
ekultek
d258803efc moved the run attacks function to the settings file 2017-11-09 08:26:29 -06:00
ekultek
0151d26449 fixed some circular importing issues 2017-11-09 08:25:46 -06:00
ekultek
4e46a2a953 new checksums for the edited files 2017-11-08 20:04:16 -06:00
ekultek
888a3e4bdd batch enabled on most attacks, intel AMT bypass scanner will be deprecated by version 1.2 will show a deprecation warning when run 2017-11-08 20:04:02 -06:00
ekultek
65744104f3 minor tweak to output colors, when run in batch will not prompt if you want to save the URL's, will just delete them 2017-11-08 20:02:51 -06:00
ekultek
769f4c5dc6 minor tweak to the output coloring 2017-11-08 20:01:43 -06:00