/WebSecProbe

Web application vulnerability scanning using Python and browser automation libraries, allowing efficient scanning of web applications.

Primary language: Python

WebSecProbe


THIS REPO/PROJECT IS MADE FOR DEVELOPMENT PURPOSES AND IS YET TO BE DEPLOYED!

Project: WAVS Framework in Python

Objective of subject

Web application vulnerability scanning using Python and browser automation libraries, allowing efficient scanning of web applications.

Base Setup / Environment

  • Python
  • Beautiful Soup

Identify possible vulnerabilities

  • Automate the submission of form payloads
  • Log and analyze the response

Session Handling

  • Maintaining the session

Crawling

  • Extract other same-domain/page URLs to be scanned.

Reporting

  • Log responses in a structured manner
  • Give a reference for the value --

Development Strategy

Phases

  • Planning
  • Design
  • Modularization
  • Coding
  • Packaging
  • Testing
  • Writing documentation
  • Advertising

Logic

**Suite**
    |
    |
    v
**main file** <-------> [needed testing module (like:headermodule)]
         {collects logs}            /\|
                                     ||
                                     |v
                         [needed submodule(s) , like x-frame...]
                                    /\|
     returns response from the server|| sends/post request to server/page
                                     ||
                                     |v
                                   **[server]**
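
A minimal sketch of the flow in the diagram above, added here as an example and not taken from the WebSecProbe code base: a main function calls a header testing module, which runs its submodules and returns findings that main collects as structured logs. All function and field names are hypothetical, and the server responses are constructed samples standing in for the request/response step.

```python
import json
from dataclasses import dataclass, asdict

@dataclass
class Finding:
    module: str   # testing module, e.g. "headers"
    check: str    # submodule that produced the result
    status: str   # "pass" or "fail"
    detail: str

def check_x_frame_options(headers):
    """Submodule (hypothetical): is framing restricted (clickjacking defence)?"""
    xfo = headers.get("x-frame-options", "").strip().upper()
    if xfo in ("DENY", "SAMEORIGIN"):
        return Finding("headers", "x-frame-options", "pass", f"X-Frame-Options: {xfo}")
    # CSP frame-ancestors also restricts framing, unless it allows every origin.
    for directive in headers.get("content-security-policy", "").lower().split(";"):
        parts = directive.split()
        if parts and parts[0] == "frame-ancestors" and "*" not in parts[1:]:
            return Finding("headers", "x-frame-options", "pass", "CSP frame-ancestors set")
    detail = f"unrecognised value {xfo!r}" if xfo else "no framing restriction found"
    return Finding("headers", "x-frame-options", "fail", detail)

def check_nosniff(headers):
    """Submodule (hypothetical): is MIME sniffing disabled?"""
    ok = headers.get("x-content-type-options", "").strip().lower() == "nosniff"
    return Finding("headers", "x-content-type-options", "pass" if ok else "fail",
                   "nosniff set" if ok else "missing or not 'nosniff'")

def header_module(raw_headers):
    """Testing module: normalise header names, then run each submodule."""
    headers = {name.lower(): value for name, value in raw_headers.items()}
    return [check(headers) for check in (check_x_frame_options, check_nosniff)]

def run_suite(responses):
    """Main file: call the module for every page and collect structured logs."""
    return [{"url": url, **asdict(finding)}
            for url, raw_headers in responses.items()
            for finding in header_module(raw_headers)]

# Constructed sample responses; a real submodule would get these headers
# from the server's reply to its own request.
SAMPLE = {
    "https://app.example/login": {"X-Frame-Options": "DENY",
                                  "X-Content-Type-Options": "nosniff"},
    "https://app.example/profile": {"Content-Type": "text/html"},
}

if __name__ == "__main__":
    print(json.dumps(run_suite(SAMPLE), indent=2))
```

Each log entry carries the URL, module, submodule, status and detail, which is the structured form the Reporting section asks for.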

Module structure

  • Main modules
  • Scanner modules
  • Utility modules
  • Config modules
  • Report modules
  • External modules