基于Python3的漏洞检测工具 ( Python3 插件式框架 )

[TOC]

Python3 漏洞检测工具 -- lance

lance, a simple version of the vulnerability detection framework based on Python3.

基于Python3的简单版漏洞检测框架 -- lance

可以自定义poc或exp插件，可以指定要加载的poc或exp。

代码已经上传到Github : https://github.com/b4zinga/lance

screenshot

requirements

python3

关键代码

def loadPlugin(url, poc=None):    """load all plugins.    """    if "://" not in url:        url = "http://" + url    url = url.strip("/")    print("[*] Target url: %s" % url)    plugin_path = os.path.join(os.path.dirname(os.path.dirname(os.path.realpath(__file__))),"plugins")    if not os.path.isdir(plugin_path):        print("[!] %s is not a directory! " % plugin_path)        raise EnvironmentError    print("[*] Plugin path: %s " % plugin_path)    items = os.listdir(plugin_path)    if poc:        print("[*] Loading %s plugins." % poc)        for item in items:            if item.endswith(".py") and not item.startswith('__'):                plugin_name = item[:-3]                if poc in plugin_name:                    print("[*] Loading plugin: %s" % plugin_name)                    module = importlib.import_module("plugins." + plugin_name)                    try:                        result = module.run(url)                        if result:                            print("[+] " + result)                        else:                            print("[-] Not Vulnerable %s " % plugin_name)                    except:                        print("[!] ConnectionError ")                else:                    continue    else:        for item in items:            if item.endswith(".py") and not item.startswith('__'):                plugin_name = item[:-3]                print("[*] Loading plugin: %s" % plugin_name)                module = importlib.import_module("plugins." + plugin_name)                try:                    result = module.run(url)                    if result:                        print("[+] " + result)                    else:                        print("[-] Not Vulnerable %s " % plugin_name)                except:                    print("[!] ConnectionError ")    print("[*] Finished")

usage

please run python3 lance.py -h for help.

root@kali:~/lance# python3 lance.py usage: python lance.pylance. By b4zinga@outlook.comoptional arguments:  -h, --help  show this help message and exitTarget:  -u URL      target url.Module:  -m module   poc or exp to be loaded. defaul is all.

documents

说明文档 : https://github.com/b4zinga/lance/blob/master/README.md

Guide : https://github.com/b4zinga/lance/blob/master/docs/Guide.md

ChangeLog : https://github.com/b4zinga/lance/blob/master/docs/ChangeLog.md

TODOList : https://github.com/b4zinga/lance/blob/master/docs/TODOList.md

Any advice or sugggestions

Please mail to b4zinga@outlook.com

代码已经上传到Github : https://github.com/b4zinga/lance