ekultek
|
fec7935d42
|
forgot to update the version number
|
2017-10-31 09:49:35 -05:00 |
|
ekultek
|
99575425f1
|
fixes an issue where if you run in verbose mode with whois lookup it will error out if certain information is not found (issue #128), it will now display the JSON data if you run in verbose mode
|
2017-10-31 09:47:49 -05:00 |
|
ekultek
|
6030774303
|
a patch for a reported issue (private) where if the found sitemap already exists, it would error out. will not just write as plain text and warn you that it probably already exists, also fixes an issue where found admin pages where not saved to a log file, and finally moved the sitemap.xml and robots.txt searches to a single function
|
2017-10-29 11:00:28 -05:00 |
|
ekultek
|
cf2cc59022
|
fix for the intel AMT exploit checker (messed it up without realizing it)
|
2017-10-28 08:26:47 -05:00 |
|
ekultek
|
46fc2372c9
|
created a sitemap parser, will check for a page sitemap and save it if it is found, otherwise will just continue processing
|
2017-10-28 08:25:58 -05:00 |
|
ekultek
|
6ba7231e82
|
splitting the shell commands via shlex will make the commands more secure, and able to avoid most shell injection instances
|
2017-10-25 16:32:27 -05:00 |
|
ekultek
|
bdcc28b412
|
you are now successfully able to launch the sqlmap API automatically using the --auto flag (issue #58)
|
2017-10-25 13:26:20 -05:00 |
|
ekultek
|
c7fedc0165
|
fixed the nmap issues, it will run now it will also install itself if it's not there. working on sqlmap autostart (still). moved the function to create sqlmap and nmap arguments to settings.py. created two new scripts (one is still a work in progess)
|
2017-10-24 01:22:21 -05:00 |
|
ekultek
|
9cc673a05b
|
some minor changes to the WhoIs lookup, trying to prevent it from displaying empty lists and dicts
|
2017-10-23 22:25:37 -05:00 |
|
ekultek
|
977564ae62
|
minor update where running through a file or dork would not allow you to parse webcache or pull all URLs, also updated some whois lookup info
|
2017-10-21 16:59:43 -05:00 |
|
ekultek
|
e2287391c3
|
created a whois lookup search. Will either display it in human readable form with the correct flags, or save the found information to a log file
|
2017-10-21 10:16:16 -05:00 |
|
ekultek
|
1c24a4b4af
|
some minor edits done to the prorgam, grammar fixes, moved some functions, edited some things, nothing to major or important
|
2017-10-17 13:33:40 -05:00 |
|
ekultek
|
a909ac6c74
|
updating some doc strings, will be updating them more in time. just wanted to go ahead and start on them for now
|
2017-10-16 10:03:35 -05:00 |
|
ekultek
|
21398eaf8a
|
patches an issue where the target refuses the connection (issue #97), also creates a way to run against the IP addresses of the hostname instead
|
2017-10-14 07:47:50 -05:00 |
|
ekultek
|
37f1669596
|
update to the geckodriver versions, it will extract the one that is correct for your system
|
2017-10-13 13:39:09 -05:00 |
|
ekultek
|
24cdc14e9e
|
minor patch to catch the geckodriver error, happens when firefox is not compatible (issue #94)
|
2017-10-13 13:15:46 -05:00 |
|
ekultek
|
c35fddb4ce
|
just cleaning up the parameters a little bit, not as messy now
|
2017-10-12 11:59:59 -05:00 |
|
ekultek
|
c008f93d16
|
multi-threading is broken, working on a fix, for now DO NOT use it
|
2017-10-12 10:43:13 -05:00 |
|
ekultek
|
799b6baba0
|
created some new extenstions and a threading flag for the admin panel finder
|
2017-10-11 17:47:18 -05:00 |
|
ekultek
|
e9f5b82d05
|
initial push for an issue (#58) where it would not auto start sqlmap, lots more work to be done so make sure you start the sqlmap server before the process
|
2017-10-11 14:36:34 -05:00 |
|
ekultek
|
80d9565585
|
files edited to reflect the move of the settings, errors, and tamper scripts folders
|
2017-10-10 17:01:13 -05:00 |
|
ekultek
|
b52f301358
|
branch issue fix #1
|
2017-10-07 09:34:03 -05:00 |
|
ekultek
|
671e77b984
|
patch for issue #49, bo longer need to restart the sqlmap API each iteration
|
2017-10-07 08:09:16 -05:00 |
|
ekultek
|
97b620aef4
|
initial fix for issue #49, still more work to be done
|
2017-10-05 21:21:51 -05:00 |
|
ekultek
|
008ee37362
|
minor edit to skip safe characters in encoding
|
2017-10-03 11:18:13 -05:00 |
|
ekultek
|
d813942c55
|
created three new tamper scripts and added warnings to other ones
|
2017-10-02 12:10:34 -05:00 |
|
ekultek
|
c618647eeb
|
created three new tamper scripts and added warnings to other ones
|
2017-10-02 12:10:15 -05:00 |
|
ekultek
|
67a1738278
|
minor change to sqlmap scan, will not output '{}' if there are no arguments passed
|
2017-10-01 08:28:14 -05:00 |
|
ekultek
|
ceca62c4b4
|
auto issue creation, also caught an error, apparently it's really hard to understand tHAT SQLMAP NEEDS TO BE STARTED IN ORDER TO WORK
|
2017-09-30 08:01:40 -05:00 |
|
ekultek
|
f38ec5f65f
|
adding support for python 3 (issue #7) if you find any issues with python3 please make an issue there
|
2017-09-29 14:28:53 -05:00 |
|
ekultek
|
3e4e37042a
|
complete re-write of intel AMT bypass, proxy and user agent configuration added for issue #9
|
2017-09-29 13:58:46 -05:00 |
|
ekultek
|
024e660853
|
created a tamper script for URL encoding, created tamper warnings, minor update to search.py, bumped version number
|
2017-09-29 10:21:26 -05:00 |
|
ekultek
|
9de772204e
|
creating tamper scripts for the XSS payloads
|
2017-09-28 11:16:48 -05:00 |
|
ekultek
|
83e0a5a436
|
updates to the XSS scanner, will successfully output if possible sqli is present or not, and only display the information once
|
2017-09-27 18:02:55 -05:00 |
|
ekultek
|
09d3bf1067
|
created a flag for you to pass a file to try attacks with, this way you can just attack the targets found after searching
|
2017-09-27 14:14:08 -05:00 |
|
ekultek
|
166e918223
|
patched the XSS scanner, should work better now
|
2017-09-27 10:35:39 -05:00 |
|
ekultek
|
90d3798a93
|
created an XSS scanner for issue #8
|
2017-09-26 12:56:35 -05:00 |
|
Thomas Perkins
|
ed4820b8ee
|
Merge pull request #12 from cclauss/modernize-python2-code
Fix urllib imports for Python 3
|
2017-09-25 14:14:37 -05:00 |
|
cclauss
|
b708f5627f
|
Modernize Python 2 code to get ready for Python 3
|
2017-09-25 21:06:02 +02:00 |
|
ekultek
|
6875605c98
|
patch for issue #2 install xvfb if it isn't there, also added it to the README requirements.
|
2017-09-25 11:08:32 -05:00 |
|
cclauss
|
73486352ec
|
Simplify with dict comprehension
https://docs.python.org/2/tutorial/datastructures.html#dictionaries
|
2017-09-25 17:19:46 +02:00 |
|
ekultek
|
36259f3a12
|
created an admin page finder for the found URL's
|
2017-09-20 17:19:20 -05:00 |
|
ekultek
|
47561c3aab
|
added the ability to create arguments for nmap
|
2017-09-18 15:25:42 -05:00 |
|
ekultek
|
3042b2e24c
|
created a scan for Intel ME exploit
|
2017-09-13 16:38:54 -05:00 |
|
ekultek
|
ac89b9fc97
|
removed unused import 'time'
|
2017-09-11 09:45:39 -05:00 |
|
ekultek
|
5aa3b19ec7
|
increased scanning time, sqlmap will scan faster now and not sleep as long
|
2017-09-10 08:51:36 -05:00 |
|
ekultek
|
bc02651e78
|
edited so that the type in the output won't be messed up
|
2017-09-10 08:50:41 -05:00 |
|
ekultek
|
118c0f1d2d
|
edited the warning message to tell people they need to restart the sqlmap API server each iteration
|
2017-09-09 08:36:47 -05:00 |
|
ekultek
|
a5e204731f
|
edited the nmap scan, it will work successfully and skip if nothing is found
|
2017-09-08 14:26:29 -05:00 |
|
ekultek
|
b22180a82d
|
minor change to output the current URL before sqlmap scan
|
2017-09-07 20:55:06 -05:00 |
|