ekultek
|
70b5612f07
|
deprecated intel AMT bypass scanner, full batch functionality implemented, edited the deprecation method so it will no longer try to connect to the function, added extracted to the skip schema when writing log files, created a way to display the question with the default choice displayed as well, welcome to version 1.2
|
2017-11-10 11:02:30 -06:00 |
|
ekultek
|
3db01c4dcf
|
will only display the headers that are equipped for protection and will no longer prompt you if you want to continue, a warning should be enough, fixed a new line issue in an inof message
|
2017-11-10 11:00:21 -06:00 |
|
ekultek
|
33ac2f961a
|
same as admin panel, full batch functionaility has been implemented
|
2017-11-10 10:59:16 -06:00 |
|
ekultek
|
d5575b51ec
|
has been deprecated, code will be moved to a deprecated folder inside of etc/deprecated by version 1.3
|
2017-11-10 10:58:45 -06:00 |
|
ekultek
|
c6c27f8b26
|
created full batch functionality for the admin panel finder, will display the default if batch is requested
|
2017-11-10 10:58:11 -06:00 |
|
ekultek
|
150ebef721
|
will now save all headers to the log file
|
2017-11-09 14:40:23 -06:00 |
|
ekultek
|
4ac02a8ff1
|
patch for a reported issue where saving the files would save over the important logs, such as url-log-1 -> url-log(1), blackwidow-log-1 -> blackwidow-log(1) (privatley reported)
|
2017-11-09 10:57:51 -06:00 |
|
ekultek
|
49cfc78d9e
|
patch for an issue where I rolled back a search setting
|
2017-11-09 08:31:29 -06:00 |
|
ekultek
|
d258803efc
|
moved the run attacks function to the settings file
|
2017-11-09 08:26:29 -06:00 |
|
ekultek
|
0151d26449
|
fixed some circular importing issues
|
2017-11-09 08:25:46 -06:00 |
|
ekultek
|
65744104f3
|
minor tweak to output colors, when run in batch will not prompt if you want to save the URL's, will just delete them
|
2017-11-08 20:02:51 -06:00 |
|
ekultek
|
769f4c5dc6
|
minor tweak to the output coloring
|
2017-11-08 20:01:43 -06:00 |
|
ekultek
|
42ee8e6a2b
|
removed deprecated commented out code, minor tweak to the color output
|
2017-11-08 20:01:12 -06:00 |
|
ekultek
|
61d25ec6be
|
minor tweaks to the output colors
|
2017-11-08 20:00:27 -06:00 |
|
ekultek
|
1445ac4a2e
|
edited so that when something is clickjack vulnerable, you'll know it is
|
2017-11-08 19:59:48 -06:00 |
|
ekultek
|
68842f8d31
|
edited so that when something good happens you will know it's good, robots.txt will not prompt when running in batch mode
|
2017-11-08 19:58:44 -06:00 |
|
ekultek
|
79c0174105
|
added two new colors to the set_color function (bold yellow and bold green), created a deprecation function that will display if something is going to be deprecated soon or not
|
2017-11-08 19:57:33 -06:00 |
|
ekultek
|
856e38b970
|
while writing to a log file, if the file is already present, it will now write to a seperate file with the duplicate number in it, IE www.google.com-clickjacking.html will be www.google.com(1).html, www.google.com(2).html, etc.. (issue #140)
|
2017-11-08 14:00:31 -06:00 |
|
ekultek
|
864983250f
|
when a header is present it will now display as a warning instead of an error
|
2017-11-08 13:57:45 -06:00 |
|
ekultek
|
b5ca0225b6
|
created a header check whilst running attacks. if a protection header is found in the headers found, it will prompt you and warn you
|
2017-11-07 14:52:57 -06:00 |
|
ekultek
|
46930fd19c
|
patch for a reported issue (private) will now successfully search through the ports that may contain the AMT exploitable bypass
|
2017-11-07 12:22:53 -06:00 |
|
ekultek
|
826906487e
|
bumped version number for new items
|
2017-11-07 11:57:14 -06:00 |
|
ekultek
|
dfb39c8eb3
|
added a timeout to the WhoIs lookup, this will prevent the API from stopping us
|
2017-11-07 11:56:51 -06:00 |
|
ekultek
|
b28fd3eac4
|
minor edits to most information, some updates to intel scans verbosity, comment edits to sqlmap
|
2017-11-06 12:25:53 -06:00 |
|
ekultek
|
bfdc001de2
|
minor edit to an invalid function call
|
2017-11-04 09:17:19 -05:00 |
|
ekultek
|
c8a823b2f6
|
edited the file path to reflect the file changes, optimizations to some of the functions, bumped version number, added another URL to the skip schema
|
2017-11-04 09:13:26 -05:00 |
|
ekultek
|
9b623cf8e0
|
edited the file paths to reflect the new direcetories
|
2017-11-04 09:10:58 -05:00 |
|
ekultek
|
25e674d4b7
|
patch for an issue where the attacks would fail due to non-extracted webcache URLs
|
2017-11-04 08:25:30 -05:00 |
|
ekultek
|
90ba39f3ed
|
patch for an issue where if the site refuses connection it would keep trying to crawl it (issue #134)
|
2017-11-03 09:49:58 -05:00 |
|
ekultek
|
69fd18d5a5
|
you are now able to use Tor to do the searching by passing the --tor flag, the firefox browser settings will mimic the tor browser settings and you will be able to connect via Tor, be careful, Google does not like Tor. You will also be able to connect to Tor to do the parsing
|
2017-11-02 10:27:08 -05:00 |
|
ekultek
|
3bced94e70
|
minor update for a privately reported issue, where the HTML would display the site in a small scroll box, will not display as the full site
|
2017-11-02 09:24:23 -05:00 |
|
ekultek
|
bc335fa2d3
|
created a clickjacking scanner that will test a page for an X-Frame-Options header, if the header is not there, then it will create a basic HTML page with that URL as an iframe
|
2017-11-01 21:48:58 -05:00 |
|
ekultek
|
d1adbcdc10
|
forgot to bump the version number
|
2017-11-01 10:08:22 -05:00 |
|
ekultek
|
b26d29108c
|
fixes an issue where the geckodriver will not connect, usually means something happened during the installation of it, will now attempt to re-install the geckodriver (issue #132)
|
2017-11-01 10:07:15 -05:00 |
|
ekultek
|
e85c13b2b8
|
minor update to the search.py file, X-Forwarded instead of X-Forward
|
2017-10-31 14:11:05 -05:00 |
|
ekultek
|
51db83833b
|
patch for a reported issue where it would fail with from a website with Unicode
|
2017-10-31 13:18:40 -05:00 |
|
ekultek
|
29b2ad69e2
|
update to tamper scripts, using kwargs instead of warning
|
2017-10-31 13:17:33 -05:00 |
|
ekultek
|
fec7935d42
|
forgot to update the version number
|
2017-10-31 09:49:35 -05:00 |
|
ekultek
|
99575425f1
|
fixes an issue where if you run in verbose mode with whois lookup it will error out if certain information is not found (issue #128), it will now display the JSON data if you run in verbose mode
|
2017-10-31 09:47:49 -05:00 |
|
ekultek
|
04cd49e722
|
added some new URL's to the skip schema, edited the DDG link to the HTML link, made sure that the URL is not just a protocol before adding to the file
|
2017-10-29 11:46:36 -05:00 |
|
ekultek
|
6030774303
|
a patch for a reported issue (private) where if the found sitemap already exists, it would error out. will not just write as plain text and warn you that it probably already exists, also fixes an issue where found admin pages where not saved to a log file, and finally moved the sitemap.xml and robots.txt searches to a single function
|
2017-10-29 11:00:28 -05:00 |
|
ekultek
|
182e588774
|
patched a privately reported issue that would not allow you to run the blackwidow crawler behind a proxy, forgot a space in the README file
|
2017-10-28 16:53:13 -05:00 |
|
ekultek
|
f75cabb876
|
added a new requirement BeautifulSoup, fixed the crawler will pull all links with an 'a' tag and descriptor of 'href', bumped version number
|
2017-10-28 16:28:18 -05:00 |
|
ekultek
|
0c8d4f9bf7
|
edited the default user agent so it will reflect the best practices of user agent strings (reference https://docs.developer.amazonservices.com/en_US/dev_guide/DG_UserAgentHeader.html)
|
2017-10-28 15:49:10 -05:00 |
|
ekultek
|
cf2cc59022
|
fix for the intel AMT exploit checker (messed it up without realizing it)
|
2017-10-28 08:26:47 -05:00 |
|
ekultek
|
46fc2372c9
|
created a sitemap parser, will check for a page sitemap and save it if it is found, otherwise will just continue processing
|
2017-10-28 08:25:58 -05:00 |
|
ekultek
|
073361339b
|
bumped the version number and edited the checksums to match the new updates
|
2017-10-28 08:25:13 -05:00 |
|
ekultek
|
ecf067b6bb
|
patch for unicode errors, it appears that selenium isn't formatted to handle unicode errors (as far as I can tell) so the dork that causes the error will be skipped (issue #125)
|
2017-10-27 17:14:08 -05:00 |
|
ekultek
|
6c46fd7523
|
splitting the shell commands via shlex will make the commands more secure, and able to avoid most shell injection instances
|
2017-10-25 16:32:55 -05:00 |
|
ekultek
|
6ba7231e82
|
splitting the shell commands via shlex will make the commands more secure, and able to avoid most shell injection instances
|
2017-10-25 16:32:27 -05:00 |
|