Skip to main content
Help us improve PyPI by participating in user testing. All experience levels needed!

OWASP WEB Directory Scanner

Project description

https://coveralls.io/repos/github/stanislav-web/OpenDoor/badge.svg?branch=master https://landscape.io/github/stanislav-web/OpenDoor/master/landscape.svg?style=flat https://readthedocs.org/projects/opendoor/badge/?version=latest https://travis-ci.org/stanislav-web/OpenDoor.svg?branch=master https://ci.appveyor.com/api/projects/status/3hmrb64ofdssi4qd?svg=true

OpenDoor OWASP is console multifunctional web sites scanner. This application find all possible ways to login, index of/ directories, restricted access points, subdomains, hidden data and large backups. The scanning is performed by the built-in dictionary and external dictionaries as well. Anonymity and speed are provided by means of using proxy servers. Software is written for informational purposes and is open source product under the GPL license.

  • Current v3.2.36-rc (04.06.2017)
    • Directories - 35888
    • Subdomains - 101000

*Testing of the software on the live commercial systems and organizations is prohibited!*

OpenDoor OWASP

Alt text

Implements

  • [x] multithreading control
  • [x] scan’s reports
  • [x] directories scanner
  • [x] subdomains scanner
  • [x] HTTP(S) (PORT) support
  • [x] Keep-alive long pooling
  • [x] HTTP(S)/SOCKS proxies
  • [x] dynamic request header
  • [x] custom wordlst’s prefixes
  • [x] custom wordlists, proxies, ignore lists
  • [x] debug levels (1-3)
  • [x] extensions filter
  • [x] custom reports directory
  • [x] custom config wizard (use random techniques)
  • [x] analyze techniques
    • detect redirects
    • detect index of/ Apache
    • detect large files
    • certif required pages
  • [x] randomization techniques
    • random user-agent per request
    • random proxy per request
    • wordlists shuffling

Local installation and run

git clone https://github.com/stanislav-web/OpenDoor.git
cd OpenDoor/
pip install -r requirements.txt
chmod +x opendoor.py

python3 opendoor.py --host http://www.example.com

Global installation (Preferably for OS distributions)

git clone https://github.com/stanislav-web/OpenDoor.git
cd OpenDoor/
python3 setup.py build && python3 setup.py install

opendoor --host http://www.example.com

Updates

python3 opendoor.py --update
opendoor --update

Changelog (last changes)

v3.3.36-rc (04.08.2017)

- Add config wizard (allows you to configure own project)

v3.2.36-rc (04.06.2017)

- Added custom reports directory --reports-dir /home/user/Reports
- Added user guide --docs
- Reusable proxy requests pooling in --tor, --torlist
- Prevent socks5 proxies warnings
- Optimizing scan execution
- Request's delays allow to use of milliseconds
- Python2.7 no longer support

Help

usage: opendoor.py [-h] [--host HOST] [-p PORT] [-m METHOD] [-t THREADS]
                   [-d DELAY] [--timeout TIMEOUT] [-r RETRIES]
                   [--accept-cookies] [--debug DEBUG] [--tor]
                   [--torlist TORLIST] [--proxy PROXY] [-s SCAN] [-w WORDLIST]
                   [--reports REPORTS] [--reports-dir REPORTS_DIR]
                   [--random-agent] [--random-list] [--prefix PREFIX]
                   [-e EXTENSIONS] [-i] [--update] [--version] [--examples]
                   [--docs] [--wizard [WIZARD]]

optional arguments:
  -h, --help            show this help message and exit

required named options:
  --host HOST           Target host (ip); --host http://example.com

Application tools:
  --update              Update from CVS
  --version             Get current version
  --examples            Examples of usage
  --docs                Read documentation
  --wizard [WIZARD]     Run wizard scanner from your config

Debug tools:
  --debug DEBUG         Debug level 1 - 3

Reports tools:
  --reports REPORTS     Scan reports (json,std,txt,html)
  --reports-dir REPORTS_DIR
                        Path to custom reports dir

Request tools:
  -p PORT, --port PORT  Custom port (Default 80)
  -m METHOD, --method METHOD
                        Request method (use HEAD as default)
  -d DELAY, --delay DELAY
                        Delay between requests threading
  --timeout TIMEOUT     Request timeout (30 sec default)
  -r RETRIES, --retries RETRIES
                        Max retries to reconnect (default 3)
  --accept-cookies      Accept and route cookies from responses
  --tor                 Using built-in proxylist
  --torlist TORLIST     Path to custom proxylist
  --proxy PROXY         Custom permanent proxy server
  --random-agent        Randomize user-agent per request

Sniff tools:
  -i, --indexof         Detect Apache Index of/

Stream tools:
  -t THREADS, --threads THREADS
                        Allowed threads

Wordlist tools:
  -s SCAN, --scan SCAN  Scan type scan=directories or scan=subdomains
  -w WORDLIST, --wordlist WORDLIST
                        Path to custom wordlist
  --random-list         Shuffle scan list
  --prefix PREFIX       Append path prefix to scan host
  -e EXTENSIONS, --extensions EXTENSIONS
                        Extensions filter -e php,json e.g

Maintainers

Tests

pip install  -r requirements-dev.txt
coverage run --source=src/ setup.py test

Contributors

If you like to contribute to the development of the project in that case pull requests are open for you. Also, you can suggest an ideas and create a task in my track list

Issues License Thanks

Project details


Release history Release notifications

This version
History Node

3.3.36rc0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
opendoor-3.3.36rc0.tar.gz (569.5 kB) Copy SHA256 hash SHA256 Source None Jun 8, 2017

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging CloudAMQP CloudAMQP RabbitMQ AWS AWS Cloud computing Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page