A site scanner and vulnerability scanner / exposer.
Supported frameworks:
- Laravel
- WordPress
Run default command the supports multiple arguments
./main.py
Run command with login brute force
./main.py withLogin
Run command with browser
./main.py withBrowser
Run command with scraper
./main.py withScraper
Set url by arg
./main.py u=localhost
Set proxy server ip
./main.py p=127.0.0.1
As argument pass the url to the lock file and json file.
For example composer.json and composer.lock.
The command automatic downloads the files and run the snyk test to check for vulnerabilities.
snyk need to be installed to let this command work. You can install it with npm install -g snyk. And after installing
run snyk auth to authenticate .
./vulnerabilities-scanner.py https://localhost/package.json https://localhost/yarn.lock
Scrape the given url and save the result to a file inside _scraper folder.
./scraper.py
With url argument
./scraper.py u=https://localhost
Only use this tool for research purposes and with permission from the owner of the site.