WLSA

Weblogic Security Assessment

UNDER DEVELOPMENT

Purpose

Imagine that during an engagement you downloaded an entire weblogic cluster, and you now want to filter and parse only important stuff, like functions that may be vulnerable to RCE, LFI and so on. This tool will do exactly that, searching all folders for XML files, parsing files and even decompiling classes (with the help from JAD).

Install

pip3 install -r requirements.txt

Usage

python3 main.py -folder /projects/weblogic_cluster/

Todo

Create Viewer class, to export in general formats (HTML,XML and so on).
Develop the "action" system, to do actions based on rules.
Add more detection rules.
Improve detection logic to accept regexp

Name		Name	Last commit message	Last commit date
Latest commit History 12 Commits
core		core
rules		rules
README.md		README.md
main.py		main.py
requirements.txt		requirements.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

WLSA

Purpose

Install

Usage

Todo

About

Releases

Packages

Contributors 3

Languages

fgsec/WLSA

Folders and files

Latest commit

History

Repository files navigation

WLSA

Purpose

Install

Usage

Todo

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Contributors 3

Languages

Packages