This project was created in the context of python class while my studies. I wanted to do something usefull for CTF challenge
- Scrapping the website looking for link leading to new page of the site
- Harversting informations from the HTML :
- HTML forms
- PHP errors
- Fuzzing found attack vectors like forms, url and HTTP headers
- to be completed
- --url URL : the url of the site which must be scanned
- --nofuzz : Don't fuzz
- --sqli_file http://host/payload : Fetch SQLi payload online \n separated must be used with --name who specify the name for the save
- --sqli_file fichier : Select a previously download payload file
- --default_page index.php : where index.php is the default index page of the server, default is index.php
- --recursive integer : Define the recurisivity level, default is -1 which mean infinity
- --alias alias,separated : Define allowed alias for host (127.0.0.1 / localhost / ..)
- --remove word,forbidden : Forbid word in link (the link will NOT be saved)
- --timeout : Specify request timeout
- --max_retries : Specify max retries for request
- --stop : Ask if the script must continue even if an attack vector is found
- --fields fields,comma,separated : specify which fields will be displayed
- --excluded fields,comma,separated : remove theses fields from default fields list
- --verbose : Enable verbose
- --debug : Display errors
- --p : Display parameters
- --hide : Hide output
Do not hesitate to report bug or any new idea, I will be glad to implement it