Expand the owasp branch with more web application attacks/scans
evyatarmeged opened this issue · 4 comments
I started coding some attacks/scans into Raccoon - this is done in the owasp
branch.
This is supposed to broaden its vulnerability scanning abilities and help it assist with areas it is not addressing fully at the moment.
I have coded most/all of the directory traversal module but I currently have no time to add more scans and attacks from the web application world, let alone write unit tests for the existing ones.
I'd love to get assistance on this, from simple suggestions in this issue to proper PRs - everything is appreciated.
On a side note, I started working on an XSS module as part of this branch but decided to drop it. I don't believe XSS is a good fit for an automated scan. XSS is something that is best done manually - with implications being observed by the attacker immediately, while detecting them using an automated tool is a lot harder and can have a ton of false positives/negatives.
Still want some help? I just faced this tool and it seems that no big updates have been done since 2018 🤔
Are you trying to implement attacks/tests for the owasp top ten?
Still want some help? I just faced this tool and it seems that no big updates have been done since 2018 thinking
Are you trying to implement attacks/tests for the owasp top ten?
Sure! I really can't find the time to invest in the project (or any others tbh) but I would love for you to contribute.
What did you have in mind ?
I was thinking of continue your efforts in implement the remainder of owasp top 10..
Which of these have you covered?
- Injection
- Broken Authentication
- Sensitive Data Exposure
- XML External Entities (XXE).
- Broken Access Control.
- Security Misconfiguration
- Cross-Site Scripting XSS
- Insecure Deserialization
- Insufficient Logging & Monitoring
I was thinking of continue your efforts in implement the remainder of owasp top 10..
Which of these have you covered?* [ ] Injection * [ ] Broken Authentication * [ ] Sensitive Data Exposure * [ ] XML External Entities (XXE). * [ ] Broken Access Control. * [ ] Security Misconfiguration * [ ] Cross-Site Scripting XSS * [ ] Insecure Deserialization * [ ] Insufficient Logging & Monitoring
Honestly I didn't get by to finish any of the above. The project started as a recon tool with a plan to expand further later.
You can prioritize the top 10 as you see fit. I would prefer starting with things that are not covered thoroughly in other tools (like XSS and Injection which there are plenty of other solutions for).