自主开发的分布式web漏洞扫描框架,集合webkit爬虫,Subdomain子域名发现,sqli、反射xss、Domxss等owasp top10漏洞扫描和边界资产发现能力。同时为通用CMS POC扫描提供了插件扩展平台
Python CSS HTML JavaScript PHP
Latest commit e35726e Oct 12, 2016 @blackye webservice
Permalink
Failed to load latest commit information.
bin first commit Aug 24, 2016
cache webservice Oct 12, 2016
lalascan webservice Oct 12, 2016
tests webservice Oct 12, 2016
thirdparty_libs webservice update Sep 30, 2016
webservice/lalascan_web webservice Oct 12, 2016
.gitignore webservice Oct 12, 2016
README.md update logo Sep 18, 2016
conf.py webservice Oct 12, 2016
lalascan.py db models update Oct 10, 2016
logo.png logo add Sep 18, 2016
requirement.txt db models update Oct 10, 2016

README.md

What's lalascan?

Web vulnerability scanner framework

Basic usage

 _          _
| |    __ _| | __ _ ___  ___ __ _ _ __
| |   / _` | |/ _` / __|/ __/ _` | '_ \
| |__| (_| | | (_| \__ \ (_| (_| | | | |
|_____\__,_|_|\__,_|___/\___\__,_|_| |_|

LalaScan WebApplication vul scanner!
usage:

optional arguments:
  -h, --help            Show help message and exit
  --version             Show program's version number and exit

[ Targets ]:
  -u URL, --url URL     Target URL (e.g. "http://www.lalascan.com/")
  -t PROCESS_NUM, --threads PROCESS_NUM
                        max number of process, default cpu number

[ Resource Found ]:
  -S, --spider          Enable user Spider

[ Plugin Option ]:
  -e PLUGIN, --enable-plugin PLUGIN
                        enable a plugin

[ Request Option ]:
  --data POST DATA      HTTP Post data
  --cookie COOKIE       HTTP Cookie header value
  --referer REFERER     HTTP Referer header value
  --user-agent AGENT    HTTP User-Agent header value
  --random-agent        Use randomly selected HTTP User-Agent header value
  --proxy PROXY         Use a proxy to connect to the target URL
  --timeout TIMEOUT     Seconds to wait before timeout connection (default 30)
  --retry RETRY         Time out retrials times.

正在开发中........