RapidScan – The Multi-Tool Web Vulnerability Scanner

Evolution

It is quite a fuss for a pentester to perform binge-tool-scanning (running security scanning tools one after the other) without automation. Unless you are a pro at automating stuff, it is a herculean task to perform a binge-scan for each and every engagement. The ultimate goal of this program is to solve this problem through automation, viz. running multiple scanning tools to discover vulnerabilities, effectively judging false positives, collectively correlating results and saving precious time, all under one roof.

Enter RapidScan.

Features

- one-step installation.
- executes a multitude of security scanning tools, does other custom-coded checks and prints the results spontaneously.
- some of the tools include nmap, dnsrecon, wafw00f, uniscan, sslyze, fierce, lbd, theharvester, dnswalk, golismero etc., all executed under one entity.
- saves a lot of time, indeed a lot of time!
- checks for the same vulnerabilities with multiple tools to help you zero in on false positives effectively.
- legends to help you understand which tests may take longer, so you can Ctrl+C to skip if needed.
- association with OWASP Top 10 2017 on the list of vulnerabilities discovered. (under development)
- critical, high, medium, low and informational classification of vulnerabilities.
- vulnerability definitions guide you on what the vulnerability actually is and the threat it can pose. (under development)
- remediations tell you how to plug/fix the found vulnerability. (under development)
- executive summary gives you an overall context of the scan performed with critical, high, low and informational issues discovered. (under development)
- artificial intelligence to deploy tools automatically depending upon the issues found, e.g. automates the launch of wpscan and plecost tools when a WordPress installation is found. (under development)
- detailed comprehensive report in portable document format (*.pdf) with complete details of the scans and tools used. (under development)

FYI

- program is still under development, works and currently supports 80 vulnerability tests.
- parallel processing is not yet implemented, may be coded as more tests get introduced.

Vulnerability Checks

- DNS/HTTP Load Balancers & Web Application Firewalls.
- Checks for Joomla, WordPress and Drupal.
- SSL related Vulnerabilities (HEARTBLEED, FREAK, POODLE, CCS Injection, LOGJAM, OCSP Stapling).
- Commonly Opened Ports.
- DNS Zone Transfers using multiple tools (Fierce, DNSWalk, DNSRecon, DNSEnum).
- Sub-Domains Brute Forcing.
- Open Directory/File Brute Forcing.
- Shallow XSS, SQLi and BSQLi Banners.
- Slow-Loris DoS Attack, LFI (Local File Inclusion), RFI (Remote File Inclusion) & RCE (Remote Code Execution).
- & more coming up…

Requirements

- Python 2.7
- Kali OS (Preferred, as it is shipped with almost all the tools). For other OS flavours, working on a docker support. Hang on.

Usage

Download the script and give executable permissions:

    wget -O rapidscan.py https://raw.githubusercontent.com/skavngr/rapidscan/master/rapidscan.py && chmod +x rapidscan.py

Contribution

https://gist.github.com/MarcDiethelm/7303312

Link: http://feedproxy.google.com/~r/PentestTools/~3/hfz-4xWFw40/rapidscan-multi-tool-web-vulnerability.html

Recsech – Tool For Doing Footprinting And Reconnaissance On The Target Web

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more, which you can see in Features in tools.

Features in tools

+--------------------------+---------+--------------+
| Name                     | Release | Release Date |
+--------------------------+---------+--------------+
| Auto request with Proxy  | yes     | 01/05/19     |
| Find Email               | yes     | 01/05/19     |
| HoneySpot Detected       | yes     | 01/05/19     |
| Subdomain takeover       | yes     | 01/05/19     |
| Check Technologies       | yes     | 01/05/19     |
| Whois                    | no      | N/A          |
| Crlf injection           | no      | N/A          |
| Header Security          | yes     | 01/05/19     |
| Update Check             | yes     | 01/05/19     |
| Port Scanner             | yes     | 02/05/19     |
| Sort Domain By IP        | yes     | 02/05/19     |
| WordPress audit          | no      | N/A          |
| Reconnaissance On Github | yes     | 02/05/19     |
| Language Selection       | yes     | 02/05/19     |
| WAF                      | yes     | 03/05/19     |
+--------------------------+---------+--------------+

Requirements for using this tool

We need several requirements for this tool to run smoothly.

Linux
- PHP 7.x
- PHP curl

Windows
- XAMPP >= 7.3.5

Installation

You can download the latest tarball by clicking here or latest zipball by clicking here.

Preferably, you can download it by cloning the Git repository:

    git clone --depth 1 https://github.com/radenvodka/Recsech.git Recsech

Recsech Environment Windows (Command Prompt Windows)

How to install to Windows CLI:

- Download Recsech
- Extract all files in C:\Windows
- Edit the file Recsech.bat, then set your PHP path (if you have installed xampp on your C drive you don't need to do this step)

    @echo off
    set PATH=%PATH%;C:\xampp\php
    title Recsech - Recon and Research
    php "C:\Windows\Recsech.php" %1

- Open cmd and run the Recsech command.

Usage

Enough to execute the command:

    php Recsech.php example.com

or if it doesn't work, use the command:

    php Recsech.php debug

and don't forget to ask at the issue page.

Link: http://feedproxy.google.com/~r/PentestTools/~3/fA2yZMgyywc/recsech-tool-for-doing-footprinting-and.html

Zeebsploit – Web Scanner / Exploitation / Information Gathering

zeebsploit is a tool for hacking, searching for web information and scanning vulnerabilities of a web.

Installation & Usage

    apt-get install git
    git clone https://github.com/jaxBCD/Zeebsploit.git
    cd Zeebsploit
    chmod +x install
    ./install
    python3 zeebsploit.py

Type 'help' to show modules and follow the instructions.

Modules

[Main modules]
+----------+-------------------------------+
| Modules  | Description                   |
+----------+-------------------------------+
| Exploit  | Exploitation Modules          |
| Scanners | Scanners Modules              |
| infoga   | information Gathering Modules |
+----------+-------------------------------+

[Exploit Modules]
+---------------------------+--------------------------------------------------+
| Modules                   | Description                                      |
+---------------------------+--------------------------------------------------+
| wp content injection      | wordpress content injection version 4.7 or 4.7.1 |
| wp revslider              | wordpress plugin revslider remote file upload    |
| wp learndash              | wordpress learndash remote file upload           |
| wp swhobiz                | wordpress plugin showbiz remote file upload      |
| joomla com fabrik         | joomla component fabrik file upload              |
| joomla manager get config | joomla component manager auto get config         |
| joomla jdownload          | joomla component jdownloads remote file upload   |
| joomla                    | Joomla ads manager component auto shell upload   |
| apache struts rce         | CVE: 2017-5638 - Apache Struts2 S2-045           |
|                           | remote command execution                         |
| drupal8 rce               | drupal version 8 remote command execution        |
| dvr cam leak credential   | TBK DVR4104 / DVR4216                            |
|                           | - Credentials Leak (Get User and password)       |
| webdav file upload        | Nothing                                          |
| ---More---                | Coming Soon the following version                |
+---------------------------+--------------------------------------------------+

[Scanner Module]
+--------------------+----------------------------------------+
| Modules            | Description                            |
+--------------------+----------------------------------------+
| subdomain scanner  | Scan Subdomain for Web                 |
| sqli scanner       | Scan Sql Injection Vulnerability       |
| xss scanner        | Scan XSS Injection Vulnerability       |
| lfi scanner        | Local File Includes Scanner etc/passwd |
| admin login finder | Scan Admin Login page                  |
| directory scanner  | scan directory on web use dirhunt      |
| subdomain takeover | scan type subdomain takeover           |
| ---More---         | Coming Soon the following version      |
+--------------------+----------------------------------------+

[Information Gathering]
+--------------------+------------------------------------------+
| Modules            | Description                              |
+--------------------+------------------------------------------+
| cms detector       | a tool for detecting cms on a web        |
| port scanner       | Scan Open Port use Nmap                  |
| information header | response header information              |
| ip geolocation     | detect the location of an ip or host     |
| email searcher     | searching email from web                 |
| traceroute         | to show the route the package has passed |
| robot.txt detector | Scan Robot.txt from Web                  |
| header information | Response Header Checker                  |
| whois lookup       | looking for registered users or          |
|                    | recipients of Internet resource rights   |
| ---More---         | Coming Soon the following version        |
+--------------------+------------------------------------------+

Link: http://feedproxy.google.com/~r/PentestTools/~3/9xaMRbIv1Dk/zeebsploit-web-scanner-exploitation.html

Masc – A Web Malware Scanner

A malware (web) scanner developed during CyberCamp Hackathon 2017.

Features

At the moment, there are some features available for any type of website (custom or CMS) and some of them only available for specific platforms:

- Scan any website for malware using OWASP WebMalwareScanner checksum, YARA rules databases and ClamAV engine (if available)
- Perform some cleaning operations to improve website protection
- Monitor the website for changes. Details are written in a log file
- Scan your site to know if it has been infected with some malware
- List your local backups
- Logging support
- Backup your site
- Restore website
- Scan for suspect files and compare with a clean installation (for WordPress and Drupal)
- Clean up your site to avoid giving extra information to attackers (only available for WordPress)

Requirements

First of all, notice that this tool is developed under Linux and, at the moment, it has been tested only under this Operating System.

- Python >= 3
- Some Python libraries:
  - python-magic
  - yara-python
  - watchdog
  - termcolor
  - pypandoc
  - progress

    santi@zenbook:$ pip3 install python-magic yara-python watchdog termcolor pypandoc progress

- ClamAV to integrate with its engine (optional but recommended)

Notice

In my notebook, after upgrading to Debian testing, masc started to show an error related to Yara:

    OSError: /usr/lib/libyara.so: cannot open shared object file: No such file or directory

After trying a lot of solutions I found on the Internet, I realized that this file was located on my computer in /usr/local/lib/python3.5/dist-packages/usr/lib, so I created a symbolic link from the previous path to /usr/lib:

    santi@zenbook:$ ln -s /usr/local/lib/python3.5/dist-packages/usr/lib/libyara.so /usr/lib/libyara.so

And now, masc and the Yara library are running with no problems.

Notice

masc is developed under Linux and it has not been tested under any other Operating System. Anyway, it should run without problems under any Unix-friendly OS. In particular, in Mac OSX I have noticed it's necessary to install Homebrew to use the python-magic library properly as libmagic. Check first the previous link to the brew homepage and then you will be able to install as I show below:

    santi@zenbook:$ brew install libmagic

Installation

To install masc on your computer, you can download a release, untar it and try. You can also install it using pip ('pip3 install masc').

Usage

    masc 0.2.2 (http://github.com/sfaci/masc)
    usage: masc.py [-h] [--add-file FILENAME] [--add-word STRING] [--clean-cache]
                   [--clean-site] [--list-backups] [--make-backup] [--monitor]
                   [--name NAME] [--path PATH] [--rollback] [--scan]
                   [--site-type {wordpress,drupal,custom}]

    optional arguments:
      -h, --help            show this help message and exit
      --add-file FILENAME   Add a suspect file to the dictionary
      --add-word STRING     Add a suspect content to the dictionary
      --clean-cache         Clean masc cache (cache and logs files, NO backups)
      --clean-site          Clean up the site to hide information to attackers
      --list-backups        List local backups
      --make-backup         Create a local backupv of the current installation
      --monitor             Monitor site to detect changes
      --name NAME           Name assigned to the scanned installation
      --path PATH           Website installation path
      --rollback            Restore a local backup
      --scan                Scan website for malware
      --site-type {wordpress,drupal,custom}
                            which type of web you want to scan:: wordpress,
                            joomla, drupal or magento

Test

There is a repository in the Docker Hub to perform tests: masc-wordpress

Documentation

You can find a complete tutorial about how to use masc in the wiki.

Author

Santiago Faci santi@arkabytes.com

Link: http://feedproxy.google.com/~r/PentestTools/~3/O45kS_1jZAs/masc-web-malware-scanner.html