Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug Fixes, New feature and Functionality and modules #575

Merged
merged 16 commits into from
Sep 17, 2022
Merged

Bug Fixes, New feature and Functionality and modules #575

merged 16 commits into from
Sep 17, 2022

Conversation

itsdivyanshjain
Copy link
Collaborator

Changes proposed in this pull request

  1. bug fixes one is in header and another is conditional
  2. Expanding the scope for temp_dependent variable.
  3. dictionary based response match
  4. new log functionality
  5. new added modules to demonstrate that functionality.

Your development environment

  • OS: x
  • OS Version: x
  • Python Version: x

@itsdivyanshjain
Copy link
Collaborator Author

Quick run the tool with this command python nettacker.py -i owasp.org --profile whatweb --skip-service-discovery --extra-module-args "schema=https&ports=443" for detecting web_technologies, also change --profile waf for waf detection but currently it test for akamai WAF because of testing purposes. Also, even after this new changes no previous functionality break.

divyansh and others added 16 commits September 17, 2022 08:53
@itsdivyanshjain
fix bug in header match
93d651d 
when regex is .* in header and it follows else empty string which match header in false manner
@itsdivyanshjain
fix conditioning bug
72de76f 
In module where there is or condition between status and header, and status is been match but not header, then it still don't return success
@itsdivyanshjain
changing return type to dict to match same as returning condition_res…
d84bc51 
…ults
@itsdivyanshjain
expanding the scope of temp_dependent_events to the response
7e72ee9 
require for new module and also it is good feature to have
@itsdivyanshjain
new feature: iterative_dictionary based response matching functionality
db85f5a 
This is going to be helpful in new module like waf_scan, web_technologies_scan, subdomain_takeover_vuln. Demonstartion in modules going to available in later commits.
@itsdivyanshjain
new feature: better approach for storing and showing logs
06490a4 
This is meant for report/show output we still require old storing functionality like events and results. This commit also include response_dependent function which similar to temp_dependent function but it does not store in db, mainly meant to use to replace a certain characters in logs. Demonstration in a modules going to be available in later commits.
@itsdivyanshjain
enhancements in logs in cli
7273e64
@itsdivyanshjain
new WAF module with new mentioned functionality
c8b0025 
meant for testing new functionalities and demonstration only, more WAF responses will be added soon
@itsdivyanshjain
new web technologies scanner module
a995bd6 
This is also meant for testing purposes, it has false negative
@itsdivyanshjain
fixed logic bug finally
ec9479c
@itsdivyanshjain
updated subdomain-takeover module
50fbd67
@itsdivyanshjain
updated waf module
802d945 
this module is working well, but still requires improvement in handling logs and terminate the request if we get the desired results, instead of iterating the whole list of request urls.
@itsdivyanshjain
waf log edit
5ff0a6a
@itsdivyanshjain
improvise conditioning
b724556
@itsdivyanshjain
improved log
c2acd1c
@itsdivyanshjain
updated web_technologies scan module
07b78e8
@securestep9 securestep9 self-assigned this Sep 17, 2022
@securestep9 securestep9 added this to the v0.0.3 milestone Sep 17, 2022
securestep9
securestep9 approved these changes Sep 17, 2022
View reviewed changes
core/module_protocols/http.py Outdated Show resolved Hide resolved
core/module_protocols/http.py Outdated Show resolved Hide resolved
@securestep9 securestep9 merged commit ea18929 into master Sep 17, 2022
@securestep9 securestep9 deleted the testing-new branch September 17, 2022 16:13
@securestep9 securestep9 restored the testing-new branch September 24, 2022 20:17
@securestep9 securestep9 deleted the testing-new branch February 6, 2024 20:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@securestep9 securestep9 securestep9 approved these changes

Assignees

@securestep9 securestep9

Labels
None yet
Projects
None yet
Milestone
v0.0.3
Development

Successfully merging this pull request may close these issues.
2 participants
@itsdivyanshjain @securestep9