-
Notifications
You must be signed in to change notification settings - Fork 469
Listing Plugins
Amit Gupta edited this page May 8, 2016
·
3 revisions
OWTF has many available plugins you can list them using the "-l" option like this:
./owtf.py -l web
_____ _ _ _ _____ _____
| | | | |_ _| __|
| | | | | | | | | __|
|_____|_____| |_| |__|
@owtfp
http://owtf.org
[*] OWTF Version: 1.0.1, Release: LionHeart (Beta)
[-] Loading framework please wait..
[-] Loading Resources from: /home/darknight/projects/owtf/profiles/resources/default.cfg ..
[-] Loading Mapping from: /home/darknight/projects/owtf/profiles/mappings/default.cfg
[-]
Short Intro:
Current Plugin Groups:
- web: For web assessments or when network plugins find a port that "speaks HTTP"
- network: For network assessments, discovery and port probing
- auxiliary: Auxiliary plugins, to automate miscelaneous tasks
WEB Plugin Types:
- Passive Plugins: NO requests sent to target
- Semi Passive Plugins: SOME "normal/legitimate" requests sent to target
- Active Plugins: A LOT OF "bad" requests sent to target (You better have permission!)
- Grep Plugins: NO requests sent to target. 100% based on transaction searches and plugin output parsing. Automatically run after semi_passive and active in default profile.
Available WEB plugins:
[-]
**************************************** Active plugins ****************************************
[-] active: Nikto_Unauthenticated______________________________(OWTF-WVS-002)________Active Vulnerability Scanning without credentials via nikto
[-] active: Wapiti_Unauthenticated_____________________________(OWTF-WVS-003)________Active Vulnerability Scanning without credentials via Wapiti
[-] active: W3AF_Unauthenticated_______________________________(OWTF-WVS-004)________Active Vulnerability Scanning without credentials via w3af
[-] active: Skipfish_Unauthenticated___________________________(OWTF-WVS-006)________Active Vulnerability Scanning without credentials via Skipfish
[-] active: Visit_URLs_________________________________________(OWTF-WSP-001)________Visit URLs found by other tools, some could be sensitive: need permission
[-] active: Arachni_Unauthenticated____________________________(OWTF-WVS-001)________Active Vulnerability Scanning without credentials via Arachni
[-] active: HTTP_Methods_and_XST_______________________________(OWTF-CM-008)_________Active probing for HTTP methods
[-] active: Web_Application_Fingerprint________________________(OWTF-IG-004)_________Active probing for fingerprint analysis
[-] active: Application_Discovery______________________________(OWTF-IG-005)_________Active probing for app discovery
[-] active: Testing_for_SSL-TLS________________________________(OWTF-CM-001)_________Active probing for SSL configuration
[-] active: Infrastructure_Configuration_Management____________(OWTF-CM-003)_________Active Probing for fingerprint analysis
[-] active: Old_Backup_and_Unreferenced_Files__________________(OWTF-CM-006)_________Active probing for juicy files (DirBuster)
[-]
**************************************** Passive plugins ****************************************
[-] passive: WS_Information_Gathering__________________________(OWTF-WS-001)_________Google Hacking/Third party sites for Web Services
[-] passive: Reflected_Cross_Site_Scripting____________________(OWTF-DV-001)_________Plugin to assist passive testing for known XSS vectors
[-] passive: Stored_Cross_Site_Scripting_______________________(OWTF-DV-002)_________Plugin to assist passive testing for known XSS vectors
[-] passive: Testing_for_Path_Traversal________________________(OWTF-AZ-001)_________Panoptic, a tool for testing local file inclusion vulnerabilities
[-] passive: Testing_for_Admin_Interfaces______________________(OWTF-CM-007)_________Google Hacking for Admin interfaces
[-] passive: HTTP_Methods_and_XST______________________________(OWTF-CM-008)_________Third party resources
[-] passive: Search_engine_discovery_reconnaissance____________(OWTF-IG-002)_________General Google Hacking/Email harvesting, etc
[-] passive: Web_Application_Fingerprint_______________________(OWTF-IG-004)_________Third party resources and fingerprinting suggestions
[-] passive: Application_Discovery_____________________________(OWTF-IG-005)_________Third party discovery resources
[-] passive: Testing_for_Error_Code____________________________(OWTF-IG-006)_________Google Hacking for Error codes
[-] passive: Testing_for_SSL-TLS_______________________________(OWTF-CM-001)_________Third party resources
[-] passive: Spiders_Robots_and_Crawlers_______________________(OWTF-IG-001)_________robots.txt analysis through third party sites
[-] passive: Testing_for_Captcha_______________________________(OWTF-AT-008)_________Google Hacking for CAPTCHA
[-] passive: Testing_for_Cross_site_flashing___________________(OWTF-DV-004)_________Google Hacking for Cross Site Flashing
[-] passive: Testing_for_SQL_Injection_________________________(OWTF-DV-005)_________Google Hacking for SQLi
[-] passive: Testing_for_SSI_Injection_________________________(OWTF-DV-009)_________Searching for pages that are susceptible to SSI-Injection
[-] passive: Old_Backup_and_Unreferenced_Files_________________(OWTF-CM-006)_________Google Hacking for juicy files
[-]
**************************************** Grep plugins ****************************************
[-] grep: Credentials_transport_over_an_encrypted_channel______(OWTF-AT-001)_________Searches transaction DB for credentials protections
[-] grep: Reflected_Cross_Site_Scripting_______________________(OWTF-DV-001)_________Searches transaction DB for XSS protections
[-] grep: CORS_________________________________________________(OWTF-WGP-002)________Searches transaction DB for Cross Origin Resource Sharing headers
[-] grep: Web_Application_Fingerprint__________________________(OWTF-IG-004)_________Searches transaction DB for fingerprint traces
[-] grep: Testing_for_SSL-TLS__________________________________(OWTF-CM-001)_________Searches transaction DB for SSL protections
[-] grep: Application_Configuration_Management_________________(OWTF-CM-004)_________Searches transaction DB for comments
[-] grep: Spiders_Robots_and_Crawlers__________________________(OWTF-IG-001)_________Searches transaction DB for Robots meta tag and X-Robots-Tag HTTP header
[-] grep: Vulnerable_Remember_Password_and_Pwd_Reset___________(OWTF-AT-006)_________Searches transaction DB for autocomplete protections
[-] grep: Logout_and_Browser_Cache_Management__________________(OWTF-AT-007)_________Searches transaction DB for Cache snooping protections
[-] grep: Cookies_attributes___________________________________(OWTF-SM-002)_________Searches transaction DB for Cookie attributes
[-] grep: Testing_for_CSRF_____________________________________(OWTF-SM-005)_________Searches transaction DB for CSRF protections
[-] grep: Testing_for_SSI_Injection____________________________(OWTF-DV-009)_________Searches transaction DB for SSI directives
[-] grep: DoS_Failure_to_Release_Resources_____________________(OWTF-DS-007)_________Searches transaction DB for timing information
[-] grep: Clickjacking_________________________________________(OWTF-WGP-001)________Searches transaction DB for Clickjacking protections
[-]
**************************************** Semi-Passive plugins ****************************************
[-] semi_passive: HTTP_Methods_and_XST_________________________(OWTF-CM-008)_________Normal request for HTTP methods analysis
[-] semi_passive: Search_engine_discovery_reconnaissance_______(OWTF-IG-002)_________Metadata analysis
[-] semi_passive: Web_Application_Fingerprint__________________(OWTF-IG-004)_________Normal requests to gather fingerprint info
[-] semi_passive: Spiders_Robots_and_Crawlers__________________(OWTF-IG-001)_________Normal request for robots.txt analysis
[-] semi_passive: Session_Management_Schema____________________(OWTF-SM-001)_________Normal requests to gather session managament info
[-] semi_passive: Testing_for_Cross_site_flashing______________(OWTF-DV-004)_________Normal requests for XSF analysis
[-]
**************************************** External plugins ****************************************
[-] external: XML_Structural_Testing___________________________(OWTF-WS-003)_________Plugin to assist manual testing
[-] external: Application_Configuration_Management_____________(OWTF-CM-004)_________Plugin to assist manual testing
[-] external: Application_Discovery____________________________(OWTF-IG-005)_________Plugin to assist manual testing
[-] external: Arachni_Unauthenticated__________________________(OWTF-WVS-001)________Plugin to assist manual testing
[-] external: Brute_Force_Testing______________________________(OWTF-AT-004)_________Plugin to assist manual testing
[-] external: Bypassing_authentication_schema__________________(OWTF-AT-005)_________Plugin to assist manual testing
[-] external: Bypassing_authorization_schema___________________(OWTF-AZ-002)_________Plugin to assist manual testing
[-] external: CORS_____________________________________________(OWTF-WGP-002)________CORS Plugin to assist manual testing
[-] external: Clickjacking_____________________________________(OWTF-WGP-001)________Plugin to assist manual testing
[-] external: Cookies_attributes_______________________________(OWTF-SM-002)_________Cookie Attributes Plugin to assist manual testing
[-] external: Credentials_transport_over_an_encrypted_channel__(OWTF-AT-001)_________Tools to assist credential transport vulnerability exploitation
[-] external: DB_Listener_Testing______________________________(OWTF-CM-002)_________Plugin to assist manual testing
[-] external: DOM_based_Cross_Site_Scripting___________________(OWTF-DV-003)_________Plugin to assist manual testing
[-] external: DoS_Failure_to_Release_Resources_________________(OWTF-DS-007)_________Plugin to assist manual testing
[-] external: DoS_User_Specified_Object_Allocation_____________(OWTF-DS-004)_________Plugin to assist manual testing
[-] external: Exposed_Session_Variables________________________(OWTF-SM-004)_________Plugin to assist manual testing
[-] external: HTTP_GET_parameters_REST_Testing_________________(OWTF-WS-005)_________Plugin to assist manual testing
[-] external: HTTP_Methods_and_XST_____________________________(OWTF-CM-008)_________Plugin to assist manual testing
[-] external: How_to_test_AJAX_________________________________(OWTF-AJ-002)_________Plugin to assist manual testing
[-] external: IMAP_SMTP_Injection______________________________(OWTF-DV-011)_________Plugin to assist manual testing
[-] external: Identify_application_entry_points________________(OWTF-IG-003)_________Plugin to assist manual testing
[-] external: Infrastructure_Configuration_Management__________(OWTF-CM-003)_________Plugin to assist manual testing
[-] external: Logout_and_Browser_Cache_Management______________(OWTF-AT-007)_________Plugin to assist manual testing
[-] external: Multiple_Factors_Authentication__________________(OWTF-AT-009)_________Plugin to assist manual testing
[-] external: Naughty_SOAP_attachments_________________________(OWTF-WS-006)_________Plugin to assist manual testing
[-] external: Nikto_Unauthenticated____________________________(OWTF-WVS-002)________Plugin to assist manual testing
[-] external: AJAX_Vulnerabilities_____________________________(OWTF-AJ-001)_________Plugin to assist manual testing
[-] external: Race_Conditions__________________________________(OWTF-AT-010)_________Plugin to assist manual testing
[-] external: Reflected_Cross_Site_Scripting___________________(OWTF-DV-001)_________Plugin to assist manual testing
[-] external: Search_engine_discovery_reconnaissance___________(OWTF-IG-002)_________Plugin to assist manual testing
[-] external: Session_Management_Schema________________________(OWTF-SM-001)_________Plugin to assist manual testing
[-] external: Spiders_Robots_and_Crawlers______________________(OWTF-IG-001)_________Plugin to assist manual testing
[-] external: Stored_Cross_Site_Scripting______________________(OWTF-DV-002)_________Plugin to assist manual testing
[-] external: Storing_too_Much_Data_in_Session_________________(OWTF-DS-008)_________Plugin to assist manual testing
[-] external: Testing_WSDL_____________________________________(OWTF-WS-002)_________Plugin to assist manual testing
[-] external: Testing_for_Admin_Interfaces_____________________(OWTF-CM-007)_________Plugin to assist manual testing
[-] external: Testing_for_Buffer_overflow______________________(OWTF-DV-014)_________Plugin to assist manual testing
[-] external: Testing_for_CSRF_________________________________(OWTF-SM-005)_________Plugin to assist manual testing
[-] external: Testing_for_Captcha______________________________(OWTF-AT-008)_________Plugin to assist manual testing
[-] external: Testing_for_Code_Injection_______________________(OWTF-DV-012)_________Plugin to assist manual testing
[-] external: Testing_for_Command_Injection____________________(OWTF-DV-013)_________Plugin to assist manual testing
[-] external: Testing_for_Cross_site_flashing__________________(OWTF-DV-004)_________Cross Site Flashing Plugin to assist manual testing
[-] external: Testing_for_DoS_Buffer_Overflows_________________(OWTF-DS-003)_________Plugin to assist manual testing
[-] external: Testing_for_DoS_Locking_Customer_Accounts________(OWTF-DS-002)_________Plugin to assist manual testing
[-] external: Testing_for_Error_Code___________________________(OWTF-IG-006)_________Plugin to assist manual testing
[-] external: Testing_for_File_Extensions_Handling_____________(OWTF-CM-005)_________Plugin to assist manual testing
[-] external: Testing_for_Guessable_User_Account_______________(OWTF-AT-003)_________Plugin to assist manual testing
[-] external: Testing_for_HTTP_Splitting_Smuggling_____________(OWTF-DV-016)_________Plugin to assist manual testing
[-] external: Testing_for_LDAP_Injection_______________________(OWTF-DV-006)_________Plugin to assist manual testing
[-] external: Testing_for_ORM_Injection________________________(OWTF-DV-007)_________Plugin to assist manual testing
[-] external: Testing_for_Privilege_Escalation_________________(OWTF-AZ-003)_________Plugin to assist manual testing
[-] external: Testing_for_SQL_Injection________________________(OWTF-DV-005)_________Plugin to assist manual testing
[-] external: Testing_for_SQL_Wildcard_Attacks_________________(OWTF-DS-001)_________Plugin to assist manual testing
[-] external: Testing_for_SSI_Injection________________________(OWTF-DV-009)_________Plugin to assist manual testing
[-] external: Testing_for_SSL-TLS______________________________(OWTF-CM-001)_________Plugin to assist manual testing
[-] external: Testing_for_Session_Fixation_____________________(OWTF-SM-003)_________Plugin to assist manual testing
[-] external: Testing_for_XML_Injection________________________(OWTF-DV-008)_________XML Injection Plugin to assist manual testing
[-] external: Testing_for_XPath_Injection______________________(OWTF-DV-010)_________Plugin to assist manual testing
[-] external: Testing_for_incubated_vulnerabilities____________(OWTF-DV-015)_________Plugin to assist manual testing
[-] external: Testing_for_path_traversal_______________________(OWTF-AZ-001)_________Plugin to assist manual testing
[-] external: Testing_for_user_enumeration_____________________(OWTF-AT-002)_________Plugin to assist manual testing
[-] external: User_Input_as_a_Loop_Counter_____________________(OWTF-DS-005)_________Plugin to assist manual testing
[-] external: Visit_URLs_______________________________________(OWTF-WSP-001)________Plugin to assist manual testing
[-] external: Vulnerable_Remember_Password_and_Pwd_Reset_______(OWTF-AT-006)_________Plugin to assist manual testing
[-] external: W3AF_Unauthenticated_____________________________(OWTF-WVS-004)________Plugin to assist manual testing
[-] external: WS_Information_Gathering_________________________(OWTF-WS-001)_________Plugin to assist manual testing
[-] external: WS_Replay_Testing________________________________(OWTF-WS-007)_________Plugin to assist manual testing
[-] external: Wapiti_Unauthenticated___________________________(OWTF-WVS-003)________Plugin to assist manual testing
[-] external: Web_Application_Fingerprint______________________(OWTF-IG-004)_________Plugin to assist manual testing
[-] external: Writing_User_Provided_Data_to_Disk_______________(OWTF-DS-006)_________Plugin to assist manual testing
[-] external: XML_Content-level_Testing________________________(OWTF-WS-004)_________Plugin to assist manual testing
[-] external: Old_Backup_and_Unreferenced_Files________________(OWTF-CM-006)_________Plugin to assist manual testing
This wiki and the OWTF README document contains a lot of information, please take your time and read these instructions carefully.
We provide a CHANGELOG that provides details about almost every OWTF release.
Be sure to read the CONTRIBUTING guidelines before reporting a new OWTF issue or opening a pull request.
If you have any questions about the OWTF usage or want to share some information with the community, please go to one of the following places:
- IRC channel
#owtf(irc.freenode.net)
Google Summer of Code 2018 Guide
Installation
Getting Started
- Define where your tools are
- Run OWASP OWTF
- HTTP Auth Configurations
- Simulation mode
- AUX plugins usage
- FAQ
SET usage
Cookbooks (GSoC 2014 Projects UPDATE)
-
Zest Integration:
- Quick Guide to get started with Zest,ZAP and Replay
- Zest and ZAP API Installation
- Zest and ZAP integration Introduction
- Zest Runner module
- Forward HTTP request to ZAP
- Zest script creation from single HTTP transaction
- Zest script creation from multiple HTTP transactions
- Zest Script Creator module
- HTTP Request Editing Window (Replay Function)
- Zest Script Recording Functionality
- Zest scripting console
Development
-
Plugins:
-
Tests:
Contact