Commit graph

162 commits

Author SHA1 Message Date
ekultek
cec5a4c7c5 will now save discovered cookies to a log file 2017-11-11 16:02:34 -06:00
ekultek
77bc6dc956 multiple page searching no longer requires Google's API, you can now perform as many requests as you want and get as many links as you want as long as it does not go over 500 pages. Removed a couple dependencies that needed to be there for Google's API 2017-11-11 15:11:06 -06:00
ekultek
11976b7018 minor updates, removed the dict args option in sqlmaphook and fixed some output coloring issues 2017-11-11 15:09:20 -06:00
ekultek
17c5771eac minor adjustments to the coding style, nothing that will cause any problems 2017-11-11 10:43:50 -06:00
ekultek
ed3d15c26f threading has been enabled on admin panel finder, be careful when going over 10 threads, you will be warned if you go over 2017-11-11 10:43:19 -06:00
ekultek
0046932f60 moved intel AMT bypass code to the deprecated folder and added it to the gitignore 2017-11-11 10:42:17 -06:00
ekultek
d4d6630f59 patches an error where if you are unable to retrieve the headers it will fail, will not just output that it is unable to retreive the headers (issue #141) 2017-11-11 06:25:33 -06:00
ekultek
b35f8afe3b is now able to parse sqlmap configuration files, so if you have a saved conf file from sqlmap that you like to use, you can use it here with the --sqlmap-conf flag 2017-11-10 14:30:01 -06:00
ekultek
7747f58700 patch for a privatley reported issue where enumerating a certain file would only allow you to run the latest log file, no matter what file was passed, will now allow you to run any file you want and if nothing is passed will run the latest log file 2017-11-10 13:32:06 -06:00
ekultek
70b5612f07 deprecated intel AMT bypass scanner, full batch functionality implemented, edited the deprecation method so it will no longer try to connect to the function, added extracted to the skip schema when writing log files, created a way to display the question with the default choice displayed as well, welcome to version 1.2 2017-11-10 11:02:30 -06:00
ekultek
3db01c4dcf will only display the headers that are equipped for protection and will no longer prompt you if you want to continue, a warning should be enough, fixed a new line issue in an inof message 2017-11-10 11:00:21 -06:00
ekultek
33ac2f961a same as admin panel, full batch functionaility has been implemented 2017-11-10 10:59:16 -06:00
ekultek
d5575b51ec has been deprecated, code will be moved to a deprecated folder inside of etc/deprecated by version 1.3 2017-11-10 10:58:45 -06:00
ekultek
c6c27f8b26 created full batch functionality for the admin panel finder, will display the default if batch is requested 2017-11-10 10:58:11 -06:00
ekultek
150ebef721 will now save all headers to the log file 2017-11-09 14:40:23 -06:00
ekultek
4ac02a8ff1 patch for a reported issue where saving the files would save over the important logs, such as url-log-1 -> url-log(1), blackwidow-log-1 -> blackwidow-log(1) (privatley reported) 2017-11-09 10:57:51 -06:00
ekultek
49cfc78d9e patch for an issue where I rolled back a search setting 2017-11-09 08:31:29 -06:00
ekultek
d258803efc moved the run attacks function to the settings file 2017-11-09 08:26:29 -06:00
ekultek
0151d26449 fixed some circular importing issues 2017-11-09 08:25:46 -06:00
ekultek
65744104f3 minor tweak to output colors, when run in batch will not prompt if you want to save the URL's, will just delete them 2017-11-08 20:02:51 -06:00
ekultek
769f4c5dc6 minor tweak to the output coloring 2017-11-08 20:01:43 -06:00
ekultek
42ee8e6a2b removed deprecated commented out code, minor tweak to the color output 2017-11-08 20:01:12 -06:00
ekultek
61d25ec6be minor tweaks to the output colors 2017-11-08 20:00:27 -06:00
ekultek
1445ac4a2e edited so that when something is clickjack vulnerable, you'll know it is 2017-11-08 19:59:48 -06:00
ekultek
68842f8d31 edited so that when something good happens you will know it's good, robots.txt will not prompt when running in batch mode 2017-11-08 19:58:44 -06:00
ekultek
79c0174105 added two new colors to the set_color function (bold yellow and bold green), created a deprecation function that will display if something is going to be deprecated soon or not 2017-11-08 19:57:33 -06:00
ekultek
856e38b970 while writing to a log file, if the file is already present, it will now write to a seperate file with the duplicate number in it, IE www.google.com-clickjacking.html will be www.google.com(1).html, www.google.com(2).html, etc.. (issue #140) 2017-11-08 14:00:31 -06:00
ekultek
864983250f when a header is present it will now display as a warning instead of an error 2017-11-08 13:57:45 -06:00
ekultek
b5ca0225b6 created a header check whilst running attacks. if a protection header is found in the headers found, it will prompt you and warn you 2017-11-07 14:52:57 -06:00
ekultek
46930fd19c patch for a reported issue (private) will now successfully search through the ports that may contain the AMT exploitable bypass 2017-11-07 12:22:53 -06:00
ekultek
826906487e bumped version number for new items 2017-11-07 11:57:14 -06:00
ekultek
dfb39c8eb3 added a timeout to the WhoIs lookup, this will prevent the API from stopping us 2017-11-07 11:56:51 -06:00
ekultek
b28fd3eac4 minor edits to most information, some updates to intel scans verbosity, comment edits to sqlmap 2017-11-06 12:25:53 -06:00
ekultek
bfdc001de2 minor edit to an invalid function call 2017-11-04 09:17:19 -05:00
ekultek
c8a823b2f6 edited the file path to reflect the file changes, optimizations to some of the functions, bumped version number, added another URL to the skip schema 2017-11-04 09:13:26 -05:00
ekultek
9b623cf8e0 edited the file paths to reflect the new direcetories 2017-11-04 09:10:58 -05:00
ekultek
25e674d4b7 patch for an issue where the attacks would fail due to non-extracted webcache URLs 2017-11-04 08:25:30 -05:00
ekultek
90ba39f3ed patch for an issue where if the site refuses connection it would keep trying to crawl it (issue #134) 2017-11-03 09:49:58 -05:00
ekultek
69fd18d5a5 you are now able to use Tor to do the searching by passing the --tor flag, the firefox browser settings will mimic the tor browser settings and you will be able to connect via Tor, be careful, Google does not like Tor. You will also be able to connect to Tor to do the parsing 2017-11-02 10:27:08 -05:00
ekultek
3bced94e70 minor update for a privately reported issue, where the HTML would display the site in a small scroll box, will not display as the full site 2017-11-02 09:24:23 -05:00
ekultek
bc335fa2d3 created a clickjacking scanner that will test a page for an X-Frame-Options header, if the header is not there, then it will create a basic HTML page with that URL as an iframe 2017-11-01 21:48:58 -05:00
ekultek
d1adbcdc10 forgot to bump the version number 2017-11-01 10:08:22 -05:00
ekultek
b26d29108c fixes an issue where the geckodriver will not connect, usually means something happened during the installation of it, will now attempt to re-install the geckodriver (issue #132) 2017-11-01 10:07:15 -05:00
ekultek
e85c13b2b8 minor update to the search.py file, X-Forwarded instead of X-Forward 2017-10-31 14:11:05 -05:00
ekultek
51db83833b patch for a reported issue where it would fail with from a website with Unicode 2017-10-31 13:18:40 -05:00
ekultek
29b2ad69e2 update to tamper scripts, using kwargs instead of warning 2017-10-31 13:17:33 -05:00
ekultek
fec7935d42 forgot to update the version number 2017-10-31 09:49:35 -05:00
ekultek
99575425f1 fixes an issue where if you run in verbose mode with whois lookup it will error out if certain information is not found (issue #128), it will now display the JSON data if you run in verbose mode 2017-10-31 09:47:49 -05:00
ekultek
04cd49e722 added some new URL's to the skip schema, edited the DDG link to the HTML link, made sure that the URL is not just a protocol before adding to the file 2017-10-29 11:46:36 -05:00
ekultek
6030774303 a patch for a reported issue (private) where if the found sitemap already exists, it would error out. will not just write as plain text and warn you that it probably already exists, also fixes an issue where found admin pages where not saved to a log file, and finally moved the sitemap.xml and robots.txt searches to a single function 2017-10-29 11:00:28 -05:00