Skip to main content

Web Content Discovery Tool

Project description

Cansina

IMPORTANT: Clone this repository with:

    git clone --depth=1 https://github.com/deibit/cansina

Build Status

Cansina is a Web Content Discovery Application.

It is well known Web applications don't publish all their resources or public links, so the only way to discover these resources is requesting for them and check the response.

Cansina duty is to help you making requests and filtering and inspecting the responses to tell apart if it is an existing resource or just an annoying or disguised 404.

Feature requests and comments are welcome.

Cansina is included in BlackArch Linux, give it a try!

CansinaImage

Speed

Wanna make Cansina run faster? Grab my cup of coffee.

Cansina downloads page content for inspection by default (Yep, Cansina does not racing for speed). but you can disable GET requests and make them HEAD (no body page download). Also, do no print the fancy terminal interface (you will lost some hackish points).

  • Put -H to make requests lighter
  • Put --no-progress to print no fancy information in the screen
  • Raise default threads to ten with -t 10 (or even more if you don't mind noise and faulty tries)

Integrated tree viewer

Cansina integrates a tree viewer (thanks to asciitree package) to output a project sqlite base stored results (http 200 status code by now).

./cansina.py -V output/http_testphp.vulnweb.com.sqlite

ViewerImage

Windows

Untested in Windows. It should work with --no-progress

Installation

git clone --depth=1 https://github.com/deibit/cansina

cd cansina

pip install -r requirements.txt

From release tagged Py27, Cansina is made with Python 3.x in mind.

Last version with Python 2.7 support

Usage

Wiki is full of documentation and examples. But as a fast example:

python3 cansina.py -u <site_url> -p <payload_file>

Help summary:

python3 cansina.py -h

Options

usage: cansina.py -u url -p payload [options]

Cansina is a web content discovery tool. It makes requests and analyze the
responses trying to figure out whether the resource is or not accessible.

optional arguments:
  -h, --help            show this help message and exit
  -A AUTHENTICATION     Basic Authentication (e.g: user:password)
  -C COOKIES            your cookies (e.g: key:value)
  -D                    Check for fake 404 (warning: machine decision)
  -H                    Make HTTP HEAD requests
  -P PROXIES            Set a http and/or https proxy (ex:
                        http://127.0.0.1:8080,https://...
  -S                    Remove ending slash for payloads
  -T REQUEST_DELAY      Time (a float number, e.g: 0.25 or 1.75) between
                        requests
  -U                    Make payload requests upper-case
  -a USER_AGENT         The preferred user-agent (default provided)
  -b BANNED             List of banned response codes
  -B UNBANNED           List of unbanned response codes, mark all response as
                        invalid without unbanned response codes, higher
                        priority than banned
  -c CONTENT            Inspect content looking for a particular string
  -d DISCRIMINATOR      If this string if found it will be treated as a 404
  -e EXTENSION          Extension list to use e.g: php,asp,...(default none)
  -o OUTPUT             Write (append) results in CSV format to a file; -o
                        <filename>
  -p PAYLOAD            A single file, a file with filenames (.payload) or a
                        directory (will do *.txt)
  -s SIZE_DISCRIMINATOR
                        Will skip pages with this size in bytes (or a list of
                        sizes 0,500,1500...)
  -t THREADS            Number of threads (default 4)
  -u TARGET             Target url
  -r RESUME             Resume a session
  -R                    Parse robots.txt and check its contents
  --recursive           Recursive descend on path directories
  --no-persist          Do not Use HTTP persistent connections
  --full-path           Show full path instead of only resources
  --show-type           Show content-type in results
  --no-follow           Do not follow redirections
  --line CONTINUE_LINE  Continue payload in line <n>
  --resumer             Save session in a file
  --headers HEADERS     Set personalized headers: key=value;key=value...
  --capitalize          Transform 'word' into 'Word'.
  --strip-extension     Strip word extension: word.ext into word
  --alpha               Filter non alphanumeric words from wordlist
  --no-progress         Don't show tested words and progress. (For dumb
                        terminals)
  --no-colors           Don't use output colors to keep output clean, e.g.
                        when redirecting output to file

License, requests, etc: https://github.com/deibit/cansina

Features

  • Data persistence with sqlite database
  • Optional output in CSV format
  • Multithreading
  • Multiextension
  • Custom headers
  • Multiple wordlists from directories
  • Content detection
  • Filter results by size
  • Filter results by content
  • URL pattern (***) to interpolate strings
  • SSL support
  • Proxy support
  • Basic Authentication
  • Cookie jar
  • Resuming
  • Path recursion
  • Persistent connections
  • Complementary tools

Important

This tool is intended to be used in a fair and legal context, meaning, for example, a penetration testing for which you have been provided previous authorization.

One of its legitimate uses might be the one described in the following article:

Dependencies

Wordlists

License information

License: GNU General Public License, version 3 or later; see LICENSE.txt included in this archive for details.

Project details


Release history Release notifications | RSS feed

This version

0.9

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cansina-0.9.tar.gz (45.9 kB view details)

Uploaded Source

Built Distribution

cansina-0.9-py3-none-any.whl (47.1 kB view details)

Uploaded Python 3

File details

Details for the file cansina-0.9.tar.gz.

File metadata

  • Download URL: cansina-0.9.tar.gz
  • Upload date:
  • Size: 45.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.11.5

File hashes

Hashes for cansina-0.9.tar.gz
Algorithm Hash digest
SHA256 eed1d09db940ab6df45610bbbee15ec48b63e2144d488d8a7e894e6a246e783c
MD5 99620a08bbc62f8982a013f75b135f77
BLAKE2b-256 c92d5b44288b8e9b79c0354d32982722325e529eb156938620dc4aacae15ab84

See more details on using hashes here.

File details

Details for the file cansina-0.9-py3-none-any.whl.

File metadata

  • Download URL: cansina-0.9-py3-none-any.whl
  • Upload date:
  • Size: 47.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.11.5

File hashes

Hashes for cansina-0.9-py3-none-any.whl
Algorithm Hash digest
SHA256 ca10f56387ece26f6623b8ca5b7700cb8e6f482270eeb3723e09f47552c52fc5
MD5 437ceed5c11bd183ab24fe53c97dfe46
BLAKE2b-256 7485e49236bcd56768784f972ecd4e7a48c6e0948007d57d606f82af5a78303d

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page