mirror of https://github.com/CIRCL/AIL-framework
commit
164524970d
542
bin/Tools.py
542
bin/Tools.py
|
@ -131,7 +131,7 @@ tools_dict = {
|
|||
},
|
||||
'dnsenum': {
|
||||
'name': 'dnsenum',
|
||||
'regex1': r'(?s)dnsenum VERSION:.+?Trying Zone Transfer',
|
||||
'regex1': r'(?s)dnsenum(\.pl)? VERSION:.+?Trying Zone Transfer',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="dnsenum-tool"', # tag if all regex match
|
||||
|
@ -185,9 +185,547 @@ tools_dict = {
|
|||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="uniscan-tool"', # tag if all regex match
|
||||
},
|
||||
'masscan': {
|
||||
'name': 'masscan',
|
||||
'regex1': r'(?s)Starting masscan [\d.]+.+?Scanning|bit.ly/14GZzcT',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="masscan-tool"', # tag if all regex match
|
||||
},
|
||||
'msfconsole': {
|
||||
'name': 'msfconsole',
|
||||
'regex1': r'=\[ metasploit v[\d.]+.+?msf >',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="msfconsole-tool"', # tag if all regex match
|
||||
},
|
||||
'amap': {
|
||||
'name': 'amap',
|
||||
'regex1': r'\bamap v[\d.]+ \(www.thc.org/thc-amap\)',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="amap-tool"', # tag if all regex match
|
||||
},
|
||||
'automater': {
|
||||
'name': 'automater',
|
||||
'regex1': r'(?s)\[\*\] Checking.+?_+ Results found for:',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="automater-tool"', # tag if all regex match
|
||||
},
|
||||
'braa': {
|
||||
'name': 'braa',
|
||||
'regex1': r'\bbraa public@[\d.]+',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="braa-tool"', # tag if all regex match
|
||||
},
|
||||
'ciscotorch': {
|
||||
'name': 'ciscotorch',
|
||||
'regex1': r'Becase we need it',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="ciscotorch-tool"', # tag if all regex match
|
||||
},
|
||||
'theharvester': {
|
||||
'name': 'theharvester',
|
||||
'regex1': r'Starting harvesting process for domain:',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="theharvester-tool"', # tag if all regex match
|
||||
},
|
||||
'sslstrip': {
|
||||
'name': 'sslstrip',
|
||||
'regex1': r'sslstrip [\d.]+ by Moxie Marlinspike running',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="sslstrip-tool"', # tag if all regex match
|
||||
},
|
||||
'sslcaudit': {
|
||||
'name': 'sslcaudit',
|
||||
'regex1': r'# filebag location:',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="sslcaudit-tool"', # tag if all regex match
|
||||
},
|
||||
'smbmap': {
|
||||
'name': 'smbmap',
|
||||
'regex1': r'\[\+\] Finding open SMB ports\.\.\.',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="smbmap-tool"', # tag if all regex match
|
||||
},
|
||||
'reconng': {
|
||||
'name': 'reconng',
|
||||
'regex1': r'\[\*\] Status: unfixed|\[recon-ng\]\[default\]',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="reconng-tool"', # tag if all regex match
|
||||
},
|
||||
'p0f': {
|
||||
'name': 'p0f',
|
||||
'regex1': r'\bp0f [^ ]+ by Michal Zalewski',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="p0f-tool"', # tag if all regex match
|
||||
},
|
||||
'hping3': {
|
||||
'name': 'hping3',
|
||||
'regex1': r'\bHPING [^ ]+ \([^)]+\): [^ ]+ mode set',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="hping3-tool"', # tag if all regex match
|
||||
},
|
||||
'enum4linux': {
|
||||
'name': 'enum4linux',
|
||||
'regex1': r'Starting enum4linux v[\d.]+|\| Target Information \|',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="enum4linux-tool"', # tag if all regex match
|
||||
},
|
||||
'dnstracer': {
|
||||
'name': 'dnstracer',
|
||||
'regex1': r'(?s)Tracing to.+?DNS HEADER \(send\)',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="dnstracer-tool"', # tag if all regex match
|
||||
},
|
||||
'dnmap': {
|
||||
'name': 'dnmap',
|
||||
'regex1': r'dnmap_(client|server)|Nmap output files stored in \'nmap_output\' directory',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="dnmap-tool"', # tag if all regex match
|
||||
},
|
||||
'arpscan': {
|
||||
'name': 'arpscan',
|
||||
'regex1': r'Starting arp-scan [^ ]+ with \d+ hosts',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="arpscan-tool"', # tag if all regex match
|
||||
},
|
||||
'cdpsnarf': {
|
||||
'name': 'cdpsnarf',
|
||||
'regex1': r'(?s)CDPSnarf v[^ ]+.+?Waiting for a CDP packet\.\.\.',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="cdpsnarf-tool"', # tag if all regex match
|
||||
},
|
||||
'dnsmap': {
|
||||
'name': 'dnsmap',
|
||||
'regex1': r'DNS Network Mapper by pagvac',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="dnsmap-tool"', # tag if all regex match
|
||||
},
|
||||
'dotdotpwn': {
|
||||
'name': 'dotdotpwn',
|
||||
'regex1': r'DotDotPwn v[^ ]+|dotdotpwn@sectester.net|\[\+\] Creating Traversal patterns',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="dotdotpwn-tool"', # tag if all regex match
|
||||
},
|
||||
'searchsploit': {
|
||||
'name': 'searchsploit',
|
||||
'regex1': r'\| (exploits|shellcodes|)/|\.searchsploit_rc',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="searchsploit-tool"', # tag if all regex match
|
||||
},
|
||||
'fierce': {
|
||||
'name': 'fierce',
|
||||
'regex1': r'(?s)Trying zone transfer first.+Checking for wildcard DNS',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="fierce-tool"', # tag if all regex match
|
||||
},
|
||||
'firewalk': {
|
||||
'name': 'firewalk',
|
||||
'regex1': r'Firewalk state initialization completed successfully|Ramping phase source port',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="firewalk-tool"', # tag if all regex match
|
||||
},
|
||||
'fragroute': {
|
||||
'name': 'fragroute',
|
||||
'regex1': r'\bfragroute: tcp_seg -> ip_frag',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="fragroute-tool"', # tag if all regex match
|
||||
},
|
||||
'fragrouter': {
|
||||
'name': 'fragrouter',
|
||||
'regex1': r'fragrouter: frag-\d+:',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="fragrouter-tool"', # tag if all regex match
|
||||
},
|
||||
'goofile': {
|
||||
'name': 'goofile',
|
||||
'regex1': r'code.google.com/p/goofile\b',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="goofile-tool"', # tag if all regex match
|
||||
},
|
||||
'intrace': {
|
||||
'name': 'intrace',
|
||||
'regex1': r'\bInTrace [\d.]+ \-\-',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="intrace-tool"', # tag if all regex match
|
||||
},
|
||||
'ismtp': {
|
||||
'name': 'ismtp',
|
||||
'regex1': r'Testing SMTP server \[user enumeration\]',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="ismtp-tool"', # tag if all regex match
|
||||
},
|
||||
'lbd': {
|
||||
'name': 'lbd',
|
||||
'regex1': r'Checking for (DNS|HTTP)-Loadbalancing',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="lbd-tool"', # tag if all regex match
|
||||
},
|
||||
'miranda': {
|
||||
'name': 'miranda',
|
||||
'regex1': r'Entering discovery mode for \'upnp:',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="miranda-tool"', # tag if all regex match
|
||||
},
|
||||
'ncat': {
|
||||
'name': 'ncat',
|
||||
'regex1': r'nmap.org/ncat',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="ncat-tool"', # tag if all regex match
|
||||
},
|
||||
'ohrwurm': {
|
||||
'name': 'ohrwurm',
|
||||
'regex1': r'\bohrwurm-[\d.]+',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="ohrwurm-tool"', # tag if all regex match
|
||||
},
|
||||
'oscanner': {
|
||||
'name': 'oscanner',
|
||||
'regex1': r'Loading services/sids from service file',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="oscanner-tool"', # tag if all regex match
|
||||
},
|
||||
'sfuzz': {
|
||||
'name': 'sfuzz',
|
||||
'regex1': r'AREALLYBADSTRING|sfuzz/sfuzz',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="sfuzz-tool"', # tag if all regex match
|
||||
},
|
||||
'sidguess': {
|
||||
'name': 'sidguess',
|
||||
'regex1': r'SIDGuesser v[\d.]+',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="sidguess-tool"', # tag if all regex match
|
||||
},
|
||||
'sqlninja': {
|
||||
'name': 'sqlninja',
|
||||
'regex1': r'Sqlninja rel\. [\d.]+',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="sqlninja-tool"', # tag if all regex match
|
||||
},
|
||||
'sqlsus': {
|
||||
'name': 'sqlsus',
|
||||
'regex1': r'sqlsus version [\d.]+',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="sqlsus-tool"', # tag if all regex match
|
||||
},
|
||||
'dnsdict6': {
|
||||
'name': 'dnsdict6',
|
||||
'regex1': r'Starting DNS enumeration work on',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="dnsdict6-tool"', # tag if all regex match
|
||||
},
|
||||
'unixprivesccheck': {
|
||||
'name': 'unixprivesccheck',
|
||||
'regex1': r'Recording Interface IP addresses',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="unixprivesccheck-tool"', # tag if all regex match
|
||||
},
|
||||
'yersinia': {
|
||||
'name': 'yersinia',
|
||||
'regex1': r'yersinia@yersinia.net',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="yersinia-tool"', # tag if all regex match
|
||||
},
|
||||
'armitage': {
|
||||
'name': 'armitage',
|
||||
'regex1': r'\[\*\] Starting msfrpcd for you',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="armitage-tool"', # tag if all regex match
|
||||
},
|
||||
'backdoorfactory': {
|
||||
'name': 'backdoorfactory',
|
||||
'regex1': r'\[\*\] In the backdoor module',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="backdoorfactory-tool"', # tag if all regex match
|
||||
},
|
||||
'beef': {
|
||||
'name': 'beef',
|
||||
'regex1': r'Please wait as BeEF services are started',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="beef-tool"', # tag if all regex match
|
||||
},
|
||||
'cat': {
|
||||
'name': 'cat',
|
||||
'regex1': r'Cisco Auditing Tool.+?g0ne',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="cat-tool"', # tag if all regex match
|
||||
},
|
||||
'cge': {
|
||||
'name': 'cge',
|
||||
'regex1': r'Vulnerability successful exploited with \[',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="cge-tool"', # tag if all regex match
|
||||
},
|
||||
'john': {
|
||||
'name': 'john',
|
||||
'regex1': r'John the Ripper password cracker, ver:|Loaded \d+ password hash \(',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="john-tool"', # tag if all regex match
|
||||
},
|
||||
'keimpx': {
|
||||
'name': 'keimpx',
|
||||
'regex1': r'\bkeimpx [\d.]+',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="keimpx-tool"', # tag if all regex match
|
||||
},
|
||||
'maskprocessor': {
|
||||
'name': 'maskprocessor',
|
||||
'regex1': r'mp by atom, High-Performance word generator',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="maskprocessor-tool"', # tag if all regex match
|
||||
},
|
||||
'ncrack': {
|
||||
'name': 'ncrack',
|
||||
'regex1': r'Starting Ncrack[^\n]+http://ncrack.org',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="ncrack-tool"', # tag if all regex match
|
||||
},
|
||||
'patator': {
|
||||
'name': 'patator',
|
||||
'regex1': r'http://code.google.com/p/patator/|Starting Patator v',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="patator-tool"', # tag if all regex match
|
||||
},
|
||||
'phrasendrescher': {
|
||||
'name': 'phrasendrescher',
|
||||
'regex1': r'phrasen\|drescher [\d.]+',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="phrasendrescher-tool"', # tag if all regex match
|
||||
},
|
||||
'polenum': {
|
||||
'name': 'polenum',
|
||||
'regex1': r'\[\+\] Password Complexity Flags:',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="polenum-tool"', # tag if all regex match
|
||||
},
|
||||
'rainbowcrack': {
|
||||
'name': 'rainbowcrack',
|
||||
'regex1': r'Official Website: http://project-rainbowcrack.com/',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="rainbowcrack-tool"', # tag if all regex match
|
||||
},
|
||||
'rcracki_mt': {
|
||||
'name': 'rcracki_mt',
|
||||
'regex1': r'Found \d+ rainbowtable files\.\.\.',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="rcracki_mt-tool"', # tag if all regex match
|
||||
},
|
||||
'tcpdump': {
|
||||
'name': 'tcpdump',
|
||||
'regex1': r'tcpdump: listening on.+capture size \d+|\d+ packets received by filter',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="tcpdump-tool"', # tag if all regex match
|
||||
},
|
||||
'hydra': {
|
||||
'name': 'hydra',
|
||||
'regex1': r'Hydra \(http://www.thc.org/thc-hydra\)',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="hydra-tool"', # tag if all regex match
|
||||
},
|
||||
'netcat': {
|
||||
'name': 'netcat',
|
||||
'regex1': r'Listening on \[[\d.]+\] \(family',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="netcat-tool"', # tag if all regex match
|
||||
},
|
||||
'nslookup': {
|
||||
'name': 'nslookup',
|
||||
'regex1': r'Non-authoritative answer:',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="nslookup-tool"', # tag if all regex match
|
||||
},
|
||||
'dig': {
|
||||
'name': 'dig',
|
||||
'regex1': r'; <<>> DiG [\d.]+',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="dig-tool"', # tag if all regex match
|
||||
},
|
||||
'whois': {
|
||||
'name': 'whois',
|
||||
'regex1': r'(?i)Registrar WHOIS Server:|Registrar URL: http://|DNSSEC: unsigned|information on Whois status codes|REGISTERED, DELEGATED|[Rr]egistrar:|%[^\n]+(WHOIS|2016/679)',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="whois-tool"', # tag if all regex match
|
||||
},
|
||||
'nessus': {
|
||||
'name': 'nessus',
|
||||
'regex1': r'nessus_(report_(get|list|exploits)|scan_(new|status))|nessuscli|nessusd|nessus-service',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="nessus-tool"', # tag if all regex match
|
||||
},
|
||||
'openvas': {
|
||||
'name': 'openvas',
|
||||
'regex1': r'/openvas/',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="openvas-tool"', # tag if all regex match
|
||||
},
|
||||
'golismero': {
|
||||
'name': 'golismero',
|
||||
'regex1': r'GoLismero[\n]+The Web Knife',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="golismero-tool"', # tag if all regex match
|
||||
},
|
||||
'wpscan': {
|
||||
'name': 'wpscan',
|
||||
'regex1': r'WordPress Security Scanner by the WPScan Team|\[\+\] Interesting header:',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="wpscan-tool"', # tag if all regex match
|
||||
},
|
||||
'skipfish': {
|
||||
'name': 'skipfish',
|
||||
'regex1': r'\[\+\] Sorting and annotating crawl nodes:|skipfish version [\d.]+',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="skipfish-tool"', # tag if all regex match
|
||||
},
|
||||
'arachni': {
|
||||
'name': 'arachni',
|
||||
'regex1': r'With the support of the community and the Arachni Team|\[\*\] Waiting for plugins to settle\.\.\.',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="arachni-tool"', # tag if all regex match
|
||||
},
|
||||
'dirb': {
|
||||
'name': 'dirb',
|
||||
'regex1': r'==> DIRECTORY:|\bDIRB v[\d.]+',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="dirb-tool"', # tag if all regex match
|
||||
},
|
||||
'joomscan': {
|
||||
'name': 'joomscan',
|
||||
'regex1': r'OWASP Joomla! Vulnerability Scanner v[\d.]+',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="joomscan-tool"', # tag if all regex match
|
||||
},
|
||||
'jbossautopwn': {
|
||||
'name': 'jbossautopwn',
|
||||
'regex1': r'\[x\] Now creating BSH script\.\.\.|\[x\] Now deploying \.war file:',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="jbossautopwn-tool"', # tag if all regex match
|
||||
},
|
||||
'grabber': {
|
||||
'name': 'grabber',
|
||||
'regex1': r'runSpiderScan @',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="grabber-tool"', # tag if all regex match
|
||||
},
|
||||
'fimap': {
|
||||
'name': 'fimap',
|
||||
'regex1': r'Automatic LFI/RFI scanner and exploiter',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="fimap-tool"', # tag if all regex match
|
||||
},
|
||||
'dsxs': {
|
||||
'name': 'dsxs',
|
||||
'regex1': r'Damn Small XSS Scanner \(DSXS\)',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="dsxs-tool"', # tag if all regex match
|
||||
},
|
||||
'dsss': {
|
||||
'name': 'dsss',
|
||||
'regex1': r'Damn Small SQLi Scanner \(DSSS\)',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="dsss-tool"', # tag if all regex match
|
||||
},
|
||||
'dsjs': {
|
||||
'name': 'dsjs',
|
||||
'regex1': r'Damn Small JS Scanner \(DSJS\)',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="dsjs-tool"', # tag if all regex match
|
||||
},
|
||||
'dsfs': {
|
||||
'name': 'dsfs',
|
||||
'regex1': r'Damn Small FI Scanner \(DSFS\)',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="dsfs-tool"', # tag if all regex match
|
||||
},
|
||||
'identywaf': {
|
||||
'name': 'identywaf',
|
||||
'regex1': r'\[o\] initializing handlers\.\.\.',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="identywaf-tool"', # tag if all regex match
|
||||
},
|
||||
'whatwaf': {
|
||||
'name': 'whatwaf',
|
||||
'regex1': r'<sCRIPT>ALeRt.+?WhatWaf\?',
|
||||
'nb_regex': 1,
|
||||
'max_execution_time': default_max_execution_time,
|
||||
'tag': 'infoleak:automatic-detection="whatwaf-tool"', # tag if all regex match
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
publisher.port = 6380
|
||||
publisher.channel = "Script"
|
||||
|
|
Loading…
Reference in New Issue