0/1-Day Semiautomation Anaylsis Tool
Project description
vulzap
Web-based 0/1-Day Semi-Automation Analysis Tool
Key Features • How To Use • Build • License
Key Features
Installation
Manual
$ python3 setup.py install
$ pip3 install vulzap
How To Use
Set environments
Key | Value (default) |
---|---|
DB_HOST | MySQL Host (localhost) |
DB_PORT | MySQL Port (3306) |
DB_USER | MySQL User (root) |
DB_PASSWD | MySQL Password () |
DB_NAME | MySQL DataBase (vulzap) |
Default
DB_HOST=localhost
DB_PORT=3306
DB_USER=root
DB_PASSWD=
DB_NAME=vulzap
Under ~/.vzrc
(MacOS), %UserProfile\.vzrc
(Windows)
You can set environment values with this command:
$ vz setenv <key> <value>
Also can print environment values with this command:
$ vz printenv
Crawl
$ python vulzap\main.py crawl -u http://localhost:9001 -H "{'Cookie': 'test'}"
Exploit
vulzap supports: XSS(Cross Site Script), SQL Injection
XSS
$ python vulzap\main.py exploit --mode xss -u http://13.209.98.240/DVWA/vulnerabilities/xss_r/?name=name -m GET
$ python vulzap/main.py exploit --mode xss -u http://13.209.98.240/DVWA/vulnerabilities/xss_r/?name=name -m GET
SQL Injection
$ python vulzap\main.py exploit --mode sqli -d "{'http://testphp.vulnweb.com/listproducts.php': {'GET': ['cat'], 'POST': []}, 'http://example.com/': {'GET': ['search', 'def'], 'POST': []}}"
$ python vulzap/main.py exploit --mode sqli -d "{'http://testphp.vulnweb.com/listproducts.php': {'GET': ['cat'], 'POST': []}, 'http://example.com/': {'GET': ['search', 'def'], 'POST': []}}"
show
$ python vulzap\main.py show
proxy
$ python vulzap\main.py proxy --host localhost --port 8080
Build
# test build
$ python setup.py develop
$ python setup.py install
Release
$ python setup.py sdist bdist_wheel
$ python -m twine upload dist/*
License
MIT
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
vulzap-0.1.1.tar.gz
(25.0 kB
view hashes)
Built Distribution
vulzap-0.1.1-py3-none-any.whl
(30.2 kB
view hashes)