Tool For Fuzz Web Applications

Project description

Python 2.7 License

Saker is a tool for fuzzing web applications. It can be used to penetration-test websites, fuzz for vulnerabilities, and brute-force passwords and directories.

This project is for research and study only; do not use Saker for unauthorized penetration testing.

Install

git clone https://github.com/LyleMi/Saker.git
cd Saker
pip install -r requirements.txt
python setup.py install

or via pip

pip install Saker

Features

Scan Website

>>> from saker.main import Saker
>>> s = Saker("http://127.0.0.1")
>>> s.scan(filename="index.php", ext="php")

or from the shell

usage: main.py [options]
Tool For Fuzz Web Applications

optional arguments:
  -h, --help            show this help message and exit
  -s, --scan            run with list model
  -f file, --file file  scan specific file
  -e ext, --ext ext     scan specific ext
  -i, --interactive     run with interactive model
  -u URL, --url URL     define specific url
  -p PROXY, --proxy PROXY
                        proxy url
  -t INTERVAL, --timeinterval INTERVAL
                        scan time interval, random sleep by default

Generate fuzz payload

>>> from saker.fuzzer.code import Code
>>> payload = "test"  # sample input string (constructed value)
>>> payload = Code.fuzzErrorUnicode(payload)

Brute password or others

>>> from saker.brute.dir import DirBrute
>>> dirBrute = DirBrute("php", "index.php")
>>> paths = dirBrute.weakfiles()

Brute forcing is currently supported for HTTP basic auth, FTP, MySQL, SSH, telnet, zip files...

Call Some API

>>> from saker.api.dnsdumper import DNSdumpster
>>> DNSdumpster("github.com")

Handle HTML

>>> from saker.handler.htmlhandler import HTMLHandler
>>> h = HTMLHandler("<html><head><title>title</title></head><body></body></html>")
>>> print(h.title)

Port Scanner

>>> from saker.port.nmap import Nmap
>>> domain = "127.0.0.1"  # host to scan (sample value)
>>> n = Nmap(domain)
>>> ret = n.run()
>>> print(n.ret)

TODO

  • FingerPrint
  • AutoTest

Download files

Source Distribution

Saker-1.0.4.tar.gz (33.1 kB)

Uploaded Source

File details

Details for the file Saker-1.0.4.tar.gz.

File metadata

  • Download URL: Saker-1.0.4.tar.gz
  • Upload date:
  • Size: 33.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.21.0 setuptools/40.6.3 requests-toolbelt/0.8.0 tqdm/4.28.1 CPython/2.7.14

File hashes

Hashes for Saker-1.0.4.tar.gz
Algorithm Hash digest
SHA256 45250f3a1e2e2ed19a309772d041ce7920b42bf99270189c0f4e918b81372061
MD5 b8eb7bee6aa1c4e589af9e63701ba1b9
BLAKE2b-256 9685da08eb00341d971eb1c9c717c25fe35e7424c0bea3d4372ef9fc3bf55874
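
Checking a downloaded Saker-1.0.4.tar.gz against the digests listed above before installing it, as an added example that is not part of the Saker project or of this page's original content. It is written for Python 3 (not the Python 2.7 the package targets); the function names and the local file path are assumptions.

```python
# Added example (not Saker code): verify a downloaded sdist against the
# digests published on this page before running setup.py from it.
import hashlib
import hmac

# Digest table as listed on this page for Saker-1.0.4.tar.gz.
PAGE_HASHES = """\
SHA256 45250f3a1e2e2ed19a309772d041ce7920b42bf99270189c0f4e918b81372061
MD5 b8eb7bee6aa1c4e589af9e63701ba1b9
BLAKE2b-256 9685da08eb00341d971eb1c9c717c25fe35e7424c0bea3d4372ef9fc3bf55874
"""

# Map the page's algorithm labels to hashlib constructors.
ALGORITHMS = {
    "SHA256": hashlib.sha256,
    "MD5": hashlib.md5,
    "BLAKE2b-256": lambda: hashlib.blake2b(digest_size=32),
}


def parse_hash_table(text):
    """Parse 'ALGORITHM hexdigest' lines into {algorithm: digest}."""
    expected = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2 and parts[0] in ALGORITHMS:
            expected[parts[0]] = parts[1].lower()
    return expected


def verify_file(path, expected):
    """Hash the file in one pass; return the algorithms that do NOT match."""
    # MD5 alone is not collision resistant, so refuse to rely on it.
    if "SHA256" not in expected and "BLAKE2b-256" not in expected:
        raise ValueError("need at least one collision-resistant digest")
    hashers = {name: ALGORITHMS[name]() for name in expected}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            for h in hashers.values():
                h.update(chunk)
    return [name for name, h in hashers.items()
            if not hmac.compare_digest(h.hexdigest(), expected[name])]


if __name__ == "__main__":
    # Assumed local path of the downloaded source distribution.
    bad = verify_file("Saker-1.0.4.tar.gz", parse_hash_table(PAGE_HASHES))
    print("OK" if not bad else "MISMATCH: " + ", ".join(bad))
```

An empty result means every listed digest matched; any name in the result means the file differs from what was published and should not be installed.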
