-
Notifications
You must be signed in to change notification settings - Fork 0
/
Test.py
67 lines (45 loc) · 1.3 KB
/
Test.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
from Attacks.Fuzz import Fuzzer
from Utilities.Requests import Requests
from Attacks.ActiveSQLInjection import ActiveSQLInjection
from Attacks.PassiveSQLInjection import PassiveSQLInjection
from Attacks.XSS import XSS
from timeit import default_timer as timer
from Attacks.BruteForce import BruteForce
from Utilities import Link
from Attacks.Sensitive import Sensitive
from Attacks.CSRF import CSRF
import logging
logging.basicConfig(format="%(asctime)s - %(levelname)s %(message)s", level = logging.INFO)
""""
PERFORM A UNIT TEST ON BRUTE FORCE, ACTIVE AND PASSIVE SQL
"""
request = Requests()
request = request.request
url = "http://localhost/dvwa"
b = BruteForce(url, request)
flag, username, password, url = b.startBruteForce()
fuzz = Fuzzer(request)
fuzz.discover(url)
fuzz.print_discovered_links()
links = fuzz.get_fuzz_links()
"""
fuzz.print_discovered_links()
links = fuzz.get_fuzz_links()
"""
p_sql = PassiveSQLInjection(request)
links = fuzz.get_fuzz_links()
p_sql.attack(links)
p_sql.sql_injection_result()
"""
sensitive = Sensitive(links)
sensitive.search()
sensitive.display_sensitive_search_result()
"""
a_sql = ActiveSQLInjection(request)
links = fuzz.get_fuzz_links()
a_sql.attack(links)
a_sql.sql_injection_result()
#
# csrf = CSRF(links)
# csrf.scan()
# csrf.csrf_protection_result()