Listing Plugins

Amit Gupta edited this page May 8, 2016 · 3 revisions

OWTF has many available plugins you can list them using the "-l" option like this:

./owtf.py -l web
  _____ _ _ _ _____ _____
 |     | | | |_   _|   __|
 |  |  | | | | | | |   __|
 |_____|_____| |_| |__|

        @owtfp
    http://owtf.org
    
[*] OWTF Version: 1.0.1, Release: LionHeart (Beta) 
[-] Loading framework please wait..
[-] Loading Resources from: /home/darknight/projects/owtf/profiles/resources/default.cfg ..
[-] Loading Mapping from: /home/darknight/projects/owtf/profiles/mappings/default.cfg
[-] 
Short Intro:
Current Plugin Groups:
- web: For web assessments or when network plugins find a port that "speaks HTTP"
- network: For network assessments, discovery and port probing
- auxiliary: Auxiliary plugins, to automate miscelaneous tasks

WEB Plugin Types:
- Passive Plugins: NO requests sent to target
- Semi Passive Plugins: SOME "normal/legitimate" requests sent to target
- Active Plugins: A LOT OF "bad" requests sent to target (You better have permission!)
- Grep Plugins: NO requests sent to target. 100% based on transaction searches and plugin output parsing. Automatically run after semi_passive and active in default profile.

Available WEB plugins:
[-] 
**************************************** Active plugins ****************************************
[-]  active: Nikto_Unauthenticated______________________________(OWTF-WVS-002)________Active Vulnerability Scanning without credentials via nikto
[-]  active: Wapiti_Unauthenticated_____________________________(OWTF-WVS-003)________Active Vulnerability Scanning without credentials via Wapiti
[-]  active: W3AF_Unauthenticated_______________________________(OWTF-WVS-004)________Active Vulnerability Scanning without credentials via w3af
[-]  active: Skipfish_Unauthenticated___________________________(OWTF-WVS-006)________Active Vulnerability Scanning without credentials via Skipfish
[-]  active: Visit_URLs_________________________________________(OWTF-WSP-001)________Visit URLs found by other tools, some could be sensitive: need permission
[-]  active: Arachni_Unauthenticated____________________________(OWTF-WVS-001)________Active Vulnerability Scanning without credentials via Arachni
[-]  active: HTTP_Methods_and_XST_______________________________(OWTF-CM-008)_________Active probing for HTTP methods
[-]  active: Web_Application_Fingerprint________________________(OWTF-IG-004)_________Active probing for fingerprint analysis
[-]  active: Application_Discovery______________________________(OWTF-IG-005)_________Active probing for app discovery
[-]  active: Testing_for_SSL-TLS________________________________(OWTF-CM-001)_________Active probing for SSL configuration
[-]  active: Infrastructure_Configuration_Management____________(OWTF-CM-003)_________Active Probing for fingerprint analysis
[-]  active: Old_Backup_and_Unreferenced_Files__________________(OWTF-CM-006)_________Active probing for juicy files (DirBuster)
[-] 
**************************************** Passive plugins ****************************************
[-]  passive: WS_Information_Gathering__________________________(OWTF-WS-001)_________Google Hacking/Third party sites for Web Services
[-]  passive: Reflected_Cross_Site_Scripting____________________(OWTF-DV-001)_________Plugin to assist passive testing for known XSS vectors
[-]  passive: Stored_Cross_Site_Scripting_______________________(OWTF-DV-002)_________Plugin to assist passive testing for known XSS vectors
[-]  passive: Testing_for_Path_Traversal________________________(OWTF-AZ-001)_________Panoptic, a tool for testing local file inclusion vulnerabilities
[-]  passive: Testing_for_Admin_Interfaces______________________(OWTF-CM-007)_________Google Hacking for Admin interfaces
[-]  passive: HTTP_Methods_and_XST______________________________(OWTF-CM-008)_________Third party resources
[-]  passive: Search_engine_discovery_reconnaissance____________(OWTF-IG-002)_________General Google Hacking/Email harvesting, etc
[-]  passive: Web_Application_Fingerprint_______________________(OWTF-IG-004)_________Third party resources and fingerprinting suggestions
[-]  passive: Application_Discovery_____________________________(OWTF-IG-005)_________Third party discovery resources
[-]  passive: Testing_for_Error_Code____________________________(OWTF-IG-006)_________Google Hacking for Error codes
[-]  passive: Testing_for_SSL-TLS_______________________________(OWTF-CM-001)_________Third party resources
[-]  passive: Spiders_Robots_and_Crawlers_______________________(OWTF-IG-001)_________robots.txt analysis through third party sites
[-]  passive: Testing_for_Captcha_______________________________(OWTF-AT-008)_________Google Hacking for CAPTCHA
[-]  passive: Testing_for_Cross_site_flashing___________________(OWTF-DV-004)_________Google Hacking for Cross Site Flashing
[-]  passive: Testing_for_SQL_Injection_________________________(OWTF-DV-005)_________Google Hacking for SQLi
[-]  passive: Testing_for_SSI_Injection_________________________(OWTF-DV-009)_________Searching for pages that are susceptible to SSI-Injection
[-]  passive: Old_Backup_and_Unreferenced_Files_________________(OWTF-CM-006)_________Google Hacking for juicy files
[-] 
**************************************** Grep plugins ****************************************
[-]  grep: Credentials_transport_over_an_encrypted_channel______(OWTF-AT-001)_________Searches transaction DB for credentials protections
[-]  grep: Reflected_Cross_Site_Scripting_______________________(OWTF-DV-001)_________Searches transaction DB for XSS protections
[-]  grep: CORS_________________________________________________(OWTF-WGP-002)________Searches transaction DB for Cross Origin Resource Sharing headers
[-]  grep: Web_Application_Fingerprint__________________________(OWTF-IG-004)_________Searches transaction DB for fingerprint traces
[-]  grep: Testing_for_SSL-TLS__________________________________(OWTF-CM-001)_________Searches transaction DB for SSL protections
[-]  grep: Application_Configuration_Management_________________(OWTF-CM-004)_________Searches transaction DB for comments
[-]  grep: Spiders_Robots_and_Crawlers__________________________(OWTF-IG-001)_________Searches transaction DB for Robots meta tag and X-Robots-Tag HTTP header
[-]  grep: Vulnerable_Remember_Password_and_Pwd_Reset___________(OWTF-AT-006)_________Searches transaction DB for autocomplete protections
[-]  grep: Logout_and_Browser_Cache_Management__________________(OWTF-AT-007)_________Searches transaction DB for Cache snooping protections
[-]  grep: Cookies_attributes___________________________________(OWTF-SM-002)_________Searches transaction DB for Cookie attributes
[-]  grep: Testing_for_CSRF_____________________________________(OWTF-SM-005)_________Searches transaction DB for CSRF protections
[-]  grep: Testing_for_SSI_Injection____________________________(OWTF-DV-009)_________Searches transaction DB for SSI directives
[-]  grep: DoS_Failure_to_Release_Resources_____________________(OWTF-DS-007)_________Searches transaction DB for timing information
[-]  grep: Clickjacking_________________________________________(OWTF-WGP-001)________Searches transaction DB for Clickjacking protections
[-] 
**************************************** Semi-Passive plugins ****************************************
[-]  semi_passive: HTTP_Methods_and_XST_________________________(OWTF-CM-008)_________Normal request for HTTP methods analysis
[-]  semi_passive: Search_engine_discovery_reconnaissance_______(OWTF-IG-002)_________Metadata analysis
[-]  semi_passive: Web_Application_Fingerprint__________________(OWTF-IG-004)_________Normal requests to gather fingerprint info
[-]  semi_passive: Spiders_Robots_and_Crawlers__________________(OWTF-IG-001)_________Normal request for robots.txt analysis
[-]  semi_passive: Session_Management_Schema____________________(OWTF-SM-001)_________Normal requests to gather session managament info
[-]  semi_passive: Testing_for_Cross_site_flashing______________(OWTF-DV-004)_________Normal requests for XSF analysis
[-] 
**************************************** External plugins ****************************************
[-]  external: XML_Structural_Testing___________________________(OWTF-WS-003)_________Plugin to assist manual testing
[-]  external: Application_Configuration_Management_____________(OWTF-CM-004)_________Plugin to assist manual testing
[-]  external: Application_Discovery____________________________(OWTF-IG-005)_________Plugin to assist manual testing
[-]  external: Arachni_Unauthenticated__________________________(OWTF-WVS-001)________Plugin to assist manual testing
[-]  external: Brute_Force_Testing______________________________(OWTF-AT-004)_________Plugin to assist manual testing
[-]  external: Bypassing_authentication_schema__________________(OWTF-AT-005)_________Plugin to assist manual testing
[-]  external: Bypassing_authorization_schema___________________(OWTF-AZ-002)_________Plugin to assist manual testing
[-]  external: CORS_____________________________________________(OWTF-WGP-002)________CORS Plugin to assist manual testing
[-]  external: Clickjacking_____________________________________(OWTF-WGP-001)________Plugin to assist manual testing
[-]  external: Cookies_attributes_______________________________(OWTF-SM-002)_________Cookie Attributes Plugin to assist manual testing
[-]  external: Credentials_transport_over_an_encrypted_channel__(OWTF-AT-001)_________Tools to assist credential transport vulnerability exploitation
[-]  external: DB_Listener_Testing______________________________(OWTF-CM-002)_________Plugin to assist manual testing
[-]  external: DOM_based_Cross_Site_Scripting___________________(OWTF-DV-003)_________Plugin to assist manual testing
[-]  external: DoS_Failure_to_Release_Resources_________________(OWTF-DS-007)_________Plugin to assist manual testing
[-]  external: DoS_User_Specified_Object_Allocation_____________(OWTF-DS-004)_________Plugin to assist manual testing
[-]  external: Exposed_Session_Variables________________________(OWTF-SM-004)_________Plugin to assist manual testing
[-]  external: HTTP_GET_parameters_REST_Testing_________________(OWTF-WS-005)_________Plugin to assist manual testing
[-]  external: HTTP_Methods_and_XST_____________________________(OWTF-CM-008)_________Plugin to assist manual testing
[-]  external: How_to_test_AJAX_________________________________(OWTF-AJ-002)_________Plugin to assist manual testing
[-]  external: IMAP_SMTP_Injection______________________________(OWTF-DV-011)_________Plugin to assist manual testing
[-]  external: Identify_application_entry_points________________(OWTF-IG-003)_________Plugin to assist manual testing
[-]  external: Infrastructure_Configuration_Management__________(OWTF-CM-003)_________Plugin to assist manual testing
[-]  external: Logout_and_Browser_Cache_Management______________(OWTF-AT-007)_________Plugin to assist manual testing
[-]  external: Multiple_Factors_Authentication__________________(OWTF-AT-009)_________Plugin to assist manual testing
[-]  external: Naughty_SOAP_attachments_________________________(OWTF-WS-006)_________Plugin to assist manual testing
[-]  external: Nikto_Unauthenticated____________________________(OWTF-WVS-002)________Plugin to assist manual testing
[-]  external: AJAX_Vulnerabilities_____________________________(OWTF-AJ-001)_________Plugin to assist manual testing
[-]  external: Race_Conditions__________________________________(OWTF-AT-010)_________Plugin to assist manual testing
[-]  external: Reflected_Cross_Site_Scripting___________________(OWTF-DV-001)_________Plugin to assist manual testing
[-]  external: Search_engine_discovery_reconnaissance___________(OWTF-IG-002)_________Plugin to assist manual testing
[-]  external: Session_Management_Schema________________________(OWTF-SM-001)_________Plugin to assist manual testing
[-]  external: Spiders_Robots_and_Crawlers______________________(OWTF-IG-001)_________Plugin to assist manual testing
[-]  external: Stored_Cross_Site_Scripting______________________(OWTF-DV-002)_________Plugin to assist manual testing
[-]  external: Storing_too_Much_Data_in_Session_________________(OWTF-DS-008)_________Plugin to assist manual testing
[-]  external: Testing_WSDL_____________________________________(OWTF-WS-002)_________Plugin to assist manual testing
[-]  external: Testing_for_Admin_Interfaces_____________________(OWTF-CM-007)_________Plugin to assist manual testing
[-]  external: Testing_for_Buffer_overflow______________________(OWTF-DV-014)_________Plugin to assist manual testing
[-]  external: Testing_for_CSRF_________________________________(OWTF-SM-005)_________Plugin to assist manual testing
[-]  external: Testing_for_Captcha______________________________(OWTF-AT-008)_________Plugin to assist manual testing
[-]  external: Testing_for_Code_Injection_______________________(OWTF-DV-012)_________Plugin to assist manual testing
[-]  external: Testing_for_Command_Injection____________________(OWTF-DV-013)_________Plugin to assist manual testing
[-]  external: Testing_for_Cross_site_flashing__________________(OWTF-DV-004)_________Cross Site Flashing Plugin to assist manual testing
[-]  external: Testing_for_DoS_Buffer_Overflows_________________(OWTF-DS-003)_________Plugin to assist manual testing
[-]  external: Testing_for_DoS_Locking_Customer_Accounts________(OWTF-DS-002)_________Plugin to assist manual testing
[-]  external: Testing_for_Error_Code___________________________(OWTF-IG-006)_________Plugin to assist manual testing
[-]  external: Testing_for_File_Extensions_Handling_____________(OWTF-CM-005)_________Plugin to assist manual testing
[-]  external: Testing_for_Guessable_User_Account_______________(OWTF-AT-003)_________Plugin to assist manual testing
[-]  external: Testing_for_HTTP_Splitting_Smuggling_____________(OWTF-DV-016)_________Plugin to assist manual testing
[-]  external: Testing_for_LDAP_Injection_______________________(OWTF-DV-006)_________Plugin to assist manual testing
[-]  external: Testing_for_ORM_Injection________________________(OWTF-DV-007)_________Plugin to assist manual testing
[-]  external: Testing_for_Privilege_Escalation_________________(OWTF-AZ-003)_________Plugin to assist manual testing
[-]  external: Testing_for_SQL_Injection________________________(OWTF-DV-005)_________Plugin to assist manual testing
[-]  external: Testing_for_SQL_Wildcard_Attacks_________________(OWTF-DS-001)_________Plugin to assist manual testing
[-]  external: Testing_for_SSI_Injection________________________(OWTF-DV-009)_________Plugin to assist manual testing
[-]  external: Testing_for_SSL-TLS______________________________(OWTF-CM-001)_________Plugin to assist manual testing
[-]  external: Testing_for_Session_Fixation_____________________(OWTF-SM-003)_________Plugin to assist manual testing
[-]  external: Testing_for_XML_Injection________________________(OWTF-DV-008)_________XML Injection Plugin to assist manual testing
[-]  external: Testing_for_XPath_Injection______________________(OWTF-DV-010)_________Plugin to assist manual testing
[-]  external: Testing_for_incubated_vulnerabilities____________(OWTF-DV-015)_________Plugin to assist manual testing
[-]  external: Testing_for_path_traversal_______________________(OWTF-AZ-001)_________Plugin to assist manual testing
[-]  external: Testing_for_user_enumeration_____________________(OWTF-AT-002)_________Plugin to assist manual testing
[-]  external: User_Input_as_a_Loop_Counter_____________________(OWTF-DS-005)_________Plugin to assist manual testing
[-]  external: Visit_URLs_______________________________________(OWTF-WSP-001)________Plugin to assist manual testing
[-]  external: Vulnerable_Remember_Password_and_Pwd_Reset_______(OWTF-AT-006)_________Plugin to assist manual testing
[-]  external: W3AF_Unauthenticated_____________________________(OWTF-WVS-004)________Plugin to assist manual testing
[-]  external: WS_Information_Gathering_________________________(OWTF-WS-001)_________Plugin to assist manual testing
[-]  external: WS_Replay_Testing________________________________(OWTF-WS-007)_________Plugin to assist manual testing
[-]  external: Wapiti_Unauthenticated___________________________(OWTF-WVS-003)________Plugin to assist manual testing
[-]  external: Web_Application_Fingerprint______________________(OWTF-IG-004)_________Plugin to assist manual testing
[-]  external: Writing_User_Provided_Data_to_Disk_______________(OWTF-DS-006)_________Plugin to assist manual testing
[-]  external: XML_Content-level_Testing________________________(OWTF-WS-004)_________Plugin to assist manual testing
[-]  external: Old_Backup_and_Unreferenced_Files________________(OWTF-CM-006)_________Plugin to assist manual testing
Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.