基于Python3的漏洞检测工具 ( Python3 插件式框架 )

Python3 漏洞检测工具 -- lance

lance, a simple version of the vulnerability detection framework based on Python3.

基于Python3的简单版漏洞检测框架 -- lance

可以自定义poc或exp插件,可以指定要加载的poc或exp。

代码已经上传到Github : https://github.com/b4zinga/lance

screenshot

基于Python3的漏洞检测工具 ( Python3 插件式框架 )

requirements

python

关键代码

def loadPlugin(url, poc=None):
"""load all plugins.
"""
if "://" not in url:
url = "http://" + url
url = url.strip("/")
logger.info("Target url: %s" % url) plugin_path = os.path.join(os.path.dirname(os.path.dirname(os.path.realpath(__file__))),"plugins")
if not os.path.isdir(plugin_path):
logger.warning("%s is not a directory! " % plugin_path)
raise EnvironmentError
logger.info("Plugin path: %s " % plugin_path) items = os.listdir(plugin_path)
if poc:
logger.infxito("Loading %s plugins." % poc)
else:
poc=""
for item in items:
if item.endswith(".py") and not item.startswith('__'):
plugin_name = item[:-3]
if poc in plugin_name:
logger.info("Loading plugin: %s" % plugin_name) module = importlib.import_module("plugins." + plugin_name) try:
result = module.run(url)
if result:
logger.success(result)
else:
logger.error("Not Vulnerable %s " % plugin_name)
except:
logger.warning("ConnectionError ")
else:
continue logger.info("Finished")

usage

please run python3 lance.py -h for help.

root@kali:~/lance# python3 lance.py
usage: python lance.py lance. By b4zinga@outlook.com optional arguments:
-h, --help show this help message and exit Target:
-u URL target url. Module:
-m module poc or exp to be loaded. defaul is all.

documents

说明文档 : https://github.com/b4zinga/lance/blob/master/README.md

Guide : https://github.com/b4zinga/lance/blob/master/docs/Guide.md

ChangeLog : https://github.com/b4zinga/lance/blob/master/docs/ChangeLog.md

TODOList : https://github.com/b4zinga/lance/blob/master/docs/TODOList.md

Any advice or sugggestions

Please mail to b4zinga@outlook.com

代码已经上传到Github : https://github.com/b4zinga/lance

上一篇:CNCF官方大使张磊:什么是云原生?


下一篇:关于java的转义字符