Hey all,
Just wanted to suggest the addition of a python web enumeration app to the repo.
It's hosted on bitbucket:
https://bitbucket.org/al14s/rawrGit:
https://bitbucket.org/al14s/rawr.gitI just released it at Caronlinac0n:
http://www.youtube.com/watch?v=YuQXUCWmkxAFrom the Wiki:RAWR - Rapid Assessment of Web Resourcesby: Adam Byers (@al14s)
Requirements:
nmap - at least 6.00 - required for SSL strength assessment
python - tested with 2.7
phantomJS - tested with 1.8.1
Installation:
Run ' ./rawr.py --check-install ' Checks for nmap, then downloads the latest default password list, IP to country list, and phantomJS (from google.code).
OS Compatibility (tested with):
Backtrack 5r3 x86 / NMap 6.01
Ubuntu 12.04LTS x64 / NMap 5.21 (nmap caused errors due to absence of ssl-enum-ciphers.nse)
MacOSX 10.8.2 / NMap 6.25
Windows 7 Ultimate / NMap 6.25
Windows XP Pro SP3 / NMap 6.25
Windows 8 x64 / NMap 6.25
Browser Compatibility:
Supported - Firefox (tested w/ 14)
Tested/working on - Safari (tested w/ 5), Chrome (tested w/ 22), IE (tested w/ 7-9)
Usage: ./rawr.py [-n <range> (-p <ports|all|fuzzdb>)|-x <xml file>]
[-u] [-e] [--sslv] [-z] [-d <dir>]
INPUT OPTIONS:
-i Target an input list. [NMap format] [can't be used with -n]
-n Target the specified range or host. [NMap format]
-p Specify port(s) to scan. [default is '80,443,8080,8088']
-t Set a custom NMap scan timing. [default is 4]
-x An xml file or dir containing xml files from which to pull hosts.
--sslv Assess the SSL security of each target. [considered intrusive]
OUTPUT OPTIONS:
-d Logging Directory [default is './log_[date]_[time]_rawr']
-e Exclude default username/password data from output.
-z Compress log folder when finished.
OTHER:
-b Use Bing to gather external hostnames. (good for shared hosting)
-h Show this info + summary + examples.
-u Check for newer version of IpToCountry.csv and defpass.csv.
-U Force update of IpToCountry.csv and defpass.csv.
--check-install Check for newer IpToCountry.csv and defpass.csv,
Check for presence of NMap and its version.
Check for presence of phantomJS, prompts if installing.
--force-install Force update - IpToCountry.csv, defpass,csv, phantomJS.
Check for presence of NMap and its version.
SUMMARY:
Uses NMap scan data (by running a scan or from previous xml output)
to target web services for enumeration. Visits each host on each
port with an identified web service and gathers all of the data.
Output:
All NMap output formats (xml uses local copy of nmap.xsl)
CSV worksheet containing all collected info.
HTML report (searchable, jQuery-driven, standalone)
Images folder (contains screenshots of the web interfaces)
Cookies folder
SSL Certificates folder
Usage diagram:
.--LOG --. .--SCAN --.
|./log_[dt]_rawr/ | | -x nmap xml or dir of xml files |
|-z .tar file > | -i use an input list for NMap |
|-d log directory | | -n nmap <range> > [.xml data]
`-- --' | (-p <ports>,-t <timing>) | .
`-- --' |
.------------------------------------'
|
.--SUPPLEMENT --. | .--ENUMERATE --.
| IpToCountry.csv & | `-> | Web service enumeration |
| defpass.csv | | (screenshot, record server data) --.
| -u|-U to update from ----> | --sslv [intrusive] SSL assessment| |
| the SF page or | `-- --' |
| -e to exclude defpass | |
| -b use Bing for DNS | .----------------------------------------`
`-- --' |
| .--OUTPUT --.
| | CSV worksheet |
| | HTML report |
`-> | NMap output >
| Cookies |
| Screenshots |
| SSL certs |
`-- --'
Best regards,
al14s
