{"id":20292462,"url":"https://github.com/mauricelambert/webscripts","last_synced_at":"2025-04-11T11:22:20.836Z","repository":{"id":41396574,"uuid":"420365404","full_name":"mauricelambert/WebScripts","owner":"mauricelambert","description":"This tool runs scripts and display the result in a Web Interface.","archived":false,"fork":false,"pushed_at":"2024-06-28T16:45:07.000Z","size":2883,"stargazers_count":10,"open_issues_count":1,"forks_count":2,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-18T13:12:51.890Z","etag":null,"topics":["admin-tools","devops-tools","devsecops","environment-share","pypi-package","python3","script-executor","scripts-share","security","security-tools","soc-tools","teams-tools","webserver","website","wsgi-server"],"latest_commit_sha":null,"homepage":"https://webscripts.readthedocs.io/en/latest/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mauricelambert.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"docs/Security_Considerations.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-10-23T09:11:22.000Z","updated_at":"2024-08-12T20:17:29.000Z","dependencies_parsed_at":"2024-04-11T07:28:27.735Z","dependency_job_id":"7826c720-97db-4681-98a5-c3cc2a3f169a","html_url":"https://github.com/mauricelambert/WebScripts","commit_stats":{"total_commits":613,"total_committers":2,"mean_commits":306.5,"dds":0.01631321370309946,"last_synced_commit":"b30a3a26fd8066af56e8ed0dbaa6866ba699599e"},"previous_names":[],"tags_count":33,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mauricelambert%2FWebScripts","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mauricelambert%2FWebScripts/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mauricelambert%2FWebScripts/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mauricelambert%2FWebScripts/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mauricelambert","download_url":"https://codeload.github.com/mauricelambert/WebScripts/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248382114,"owners_count":21094540,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["admin-tools","devops-tools","devsecops","environment-share","pypi-package","python3","script-executor","scripts-share","security","security-tools","soc-tools","teams-tools","webserver","website","wsgi-server"],"created_at":"2024-11-14T15:17:22.968Z","updated_at":"2025-04-11T11:22:20.804Z","avatar_url":"https://github.com/mauricelambert.png","language":"Python","readme":"![WebScripts Logo](https://mauricelambert.github.io/info/python/code/WebScripts/small_logo.png \"WebScripts logo\")\n\n# WebScripts\n\n![PyPI](https://img.shields.io/pypi/v/WebScripts?color=orange)\n[![Downloads](https://static.pepy.tech/personalized-badge/webscripts?period=total\u0026units=none\u0026left_color=grey\u0026right_color=orange\u0026left_text=Downloads)](https://pepy.tech/project/webscripts)\n![GitHub branch checks state](https://img.shields.io/github/checks-status/mauricelambert/WebScripts/main?color=orange)\n![PyPI - Status](https://img.shields.io/pypi/status/WebScripts?color=orange)\n![PyPI - Python Version](https://img.shields.io/pypi/pyversions/WebScripts?color=orange)\n![GitHub commit activity](https://img.shields.io/github/commit-activity/y/mauricelambert/WebScripts?color=orange)\n![GitHub top language](https://img.shields.io/github/languages/top/mauricelambert/WebScripts?color=orange)\n![GitHub issues](https://img.shields.io/github/issues/mauricelambert/WebScripts?color=orange)\n![GitHub closed issues](https://img.shields.io/github/issues-closed/mauricelambert/WebScripts?color=orange)\n![GitHub](https://img.shields.io/github/license/mauricelambert/WebScripts?color=orange)\n![GitHub repo size](https://img.shields.io/github/repo-size/mauricelambert/WebScripts?color=orange)\n![Libraries.io SourceRank](https://img.shields.io/librariesio/sourcerank/pypi/webscripts?color=orange)\n[![Compatibility](https://img.shields.io/badge/compatibility-python3.8-orange)](https://webscripts.readthedocs.io/en/latest/Installation/#python38)\n[![Containers](https://img.shields.io/badge/containers-docker-orange)](https://github.com/mauricelambert/WebScriptsContainers)\n[![Code style: black](https://img.shields.io/badge/code%20style-black-orange.svg)](https://github.com/psf/black)\n\n## Description\n\nThis tool run scripts and display the result in a Web Interface ([a little presentation is available here](https://www.slideshare.net/MauriceLambert1/webscripts-server-251581216) and on my [github.io](https://mauricelambert.github.io/info/python/code/WebScripts/WebScripts.pdf)).\n\n## Goals\n\nCreate a safe, secure and easy way to share CLI (console) scripts and scripting environnments with your team or people without IT knowledge.\n\n - Secure\n    - [SAST - Static Application Security Testing](https://webscripts.readthedocs.io/en/latest/Code_Analysis_for_Security/#sast-alerts) ([wiki](https://github.com/mauricelambert/WebScripts/wiki/Code-Analysis-for-Security)) using [bandit](https://mauricelambert.github.io/info/python/code/WebScripts/bandit.txt), semgrep, CodeQL and Pycharm Security.\n    - [DAST - Dynamic Application Security Testing](https://webscripts.readthedocs.io/en/latest/Code_Analysis_for_Security/#dast-alerts) ([wiki](https://github.com/mauricelambert/WebScripts/wiki/Code-Analysis-for-Security)) using [ZAP](https://mauricelambert.github.io/info/python/code/WebScripts/ZAP.html) [(Baseline \u0026\u0026 full scan)](https://github.com/mauricelambert/WebScripts/issues/4), nuclei and some Kali Linux tools.\n    - [Web pentest](https://webscripts.readthedocs.io/en/latest/Pentest/) ([wiki](https://github.com/mauricelambert/WebScripts/wiki/Pentest)) using Kali Linux Web tools and my little experience in Web Hacking. Tools are [skipfish](https://mauricelambert.github.io/info/python/code/WebScripts/skipfish/index.html), [nikto](https://mauricelambert.github.io/info/python/code/WebScripts/nikto.html), [dirb](https://mauricelambert.github.io/info/python/code/WebScripts/dirb.txt) and [whatweb](https://mauricelambert.github.io/info/python/code/WebScripts/whatweb.json).\n    - [Hardening](https://webscripts.readthedocs.io/en/latest/Development_and_Administration_Tools/#hardening-audit)([wiki](https://github.com/mauricelambert/WebScripts/wiki/Development-and-Administration-Tools#hardening-audit)), the WebScripts installation is pre-hardened, an audit is performed at the launch of the WebScripts server and reports are generated. Defaults/examples HTML reports: \n    - [File integrity checks](https://webscripts.readthedocs.io/en/latest/Development_and_Administration_Tools/#file-integrity)([wiki](https://github.com/mauricelambert/WebScripts/wiki/Development-and-Administration-Tools#file-integrity)), the WebScripts server implements a daemon thread to check file integrity hourly.\n    - Logs with centralization (using Syslog on Linux and Event Viewer on Windows), some levels and differents files for easiest supervision, controls and investigations\n    - Easy to update and patch security issues on Linux (critical functions are implemented in Standard Library and are updated with your system) (WebScripts does not require any python external package)\n    - Easy to deploy securely (with docker or on your Linux system with Apache and UWSGI or NGINX as reverse proxy)\n    - Easy to configure securely [(read the documentation)](https://webscripts.readthedocs.io/en/latest/) ([wiki](https://github.com/mauricelambert/WebScripts/wiki/)), hardening checks and reports for unsecure configurations\n    - [Unittest - 99% Code Coverage (2104/2108 lines)](https://webscripts.readthedocs.io/en/latest/Development_and_Administration_Tools/#unittest) ([wiki](https://github.com/mauricelambert/WebScripts/wiki/Development-and-Administration-Tools#unittest)), tests with python3.8 - python3.12\n    - Javascript parser and formatter for `text`, `json` and `csv` content type (XSS protection)\n    - XSS active protection for `html` content type based on user inputs analysis and script outputs\n - Customizable\n    - [Authentication](https://webscripts.readthedocs.io/en/latest/Authentication/) ([wiki](https://github.com/mauricelambert/WebScripts/wiki/Authentication)) - [example](https://webscripts.readthedocs.io/en/latest/Add_Script/#build-the-script) ([wiki](https://github.com/mauricelambert/WebScripts/wiki/Add-Script#build-the-script))\n    - Web Interface: HTML, CSS and JS [files](https://webscripts.readthedocs.io/en/latest/WEB_Interface/) ([wiki](https://github.com/mauricelambert/WebScripts/wiki/WEB-Interface))\n    - URL, request, response and error pages using [python modules](https://webscripts.readthedocs.io/en/latest/Modules/) ([wiki](https://github.com/mauricelambert/WebScripts/wiki/Modules)) - [example](https://webscripts.readthedocs.io/en/latest/Add_Module/#build-the-module) ([wiki](https://github.com/mauricelambert/WebScripts/wiki/Add-Module))\n - Highly configurable and scalable with a [python module system](https://webscripts.readthedocs.io/en/latest/Modules/) ([wiki](https://github.com/mauricelambert/WebScripts/wiki/Modules)) and configurations\n - Pre-installed and configured scripts and modules (user and authentication, secure file sharing with permissions, error pages with requests to administrator system, temporary and secure password share, logs viewer and analyser)\n\n## Demo\n\n[![Demo WebScripts - Youtube](https://img.youtube.com/vi/2_hRBTRzl5w/0.jpg)](http://www.youtube.com/watch?v=2_hRBTRzl5w)\n\n*Demonstration of WebScripts use - Youtube video*\n\n## Requirements\nThis package require:\n\n - python3\n - python3 Standard Library\n\nOptional on Windows:\n\n - pywin32 (to centralize logs in Event Viewer)\n\n## Installation\n\n```bash\npython3 -m venv WebScripts        # Make a virtual environment for WebScripts\nsource WebScripts/bin/activate    # Activate your virtual environment\nsudo WebScripts/bin/python3 -m pip install --use-pep517 WebScripts --install-option \"--admin-password=\u003cyour password\u003e\" --install-option \"--owner=\u003cowner\u003e\" --install-option \"--directory=\u003cdirectory\u003e\"     # Install WebScripts using setup.py with pip\nsudo WebScripts/bin/python3 -m WebScripts.harden -p '\u003cmy admin password\u003e' -o '\u003cmy webscripts user\u003e' -d 'WebScripts/'  # Harden default configurations\ncd WebScripts                     # Use your virtual environment to start WebScripts\nWebScripts                        # Start WebScripts server for demonstration (for production see deployment documentation)\n```\n\n## Basic Usages\n\n### Command line\n\n```bash\nWebScripts\npython3 -m WebScripts\n\nWebScripts --help\nWebScripts -h # Print help message and command line options\n\nWebScripts --interface \"192.168.1.2\" --port 80\nWebScripts -i \"192.168.1.2\" -p 80 # Change interface and port\n\n# /!\\ do not use the --debug option on the production environment\nWebScripts --debug\nWebScripts -d # Print informations about server configuration in errors pages (404 and 500)\n\n# /!\\ do not use the --security option on the production environment\nWebScripts --security\nWebScripts -s # Do not use HTTP security headers (for debugging)\n\nWebScripts --accept-unauthenticated-user --accept-unknow-user\n# Accept unauthenticated user\n```\n\n### Python script\n\n```python\nimport WebScripts\nWebScripts.main()\n```\n\n```python\nfrom WebScripts import Configuration, Server, main\nfrom wsgiref import simple_server\n\nconfig = Configuration()\nconfig.add_conf(\n    interface=\"\", \n    port=8000, \n    scripts_path = [\n        \"./scripts/account\",\n        \"./scripts/passwords\"\n    ],\n    json_scripts_config = [\n        \"./config/scripts/*.json\"\n    ],\n    ini_scripts_config = [\n        \"./config/scripts/*.ini\"\n    ],\n    documentations_path = [\n        \"./doc/*.html\"\n    ],\n    js_path = [\n        \"./static/js/*.js\"\n    ],\n    statics_path = [\n        \"./static/html/*.html\",\n        \"./static/css/*.css\",\n        \"./static/images/*.jpg\",\n        \"./static/pdf/*.pdf\"\n    ],\n)\nconfig.set_defaults()\nconfig.check_required()\nconfig.get_unexpecteds()\nconfig.build_types()\n\nserver = Server(config)\nhttpd = simple_server.make_server(server.interface, server.port, server.app)\nhttpd.serve_forever()\n```\n\n## Compatibility\n\n### Python3.8\n\n```bash\ngit clone https://github.com/mauricelambert/WebScripts.git\ncd WebScripts\npython3.8 WebScripts/scripts/to_3.8/to_3.8.py\npython3.8 setup38.py install\npython3.8 -m WebScripts38\n```\n\n```python\n# Launch this commands line:\n#   - git clone https://github.com/mauricelambert/WebScripts.git\n#   - cd WebScripts\n#   - python3.8 WebScripts/scripts/to_3.8/to_3.8.py\n#   - python3.8 setup38.py install\n# And use the package:\n\nimport WebScripts38\nWebScripts38.main()\n```\n\n## Documentation\n\n - Home: [wiki](https://github.com/mauricelambert/WebScripts/wiki/), [readthedocs](https://webscripts.readthedocs.io/en/latest/)\n - Installation: [wiki](https://github.com/mauricelambert/WebScripts/wiki/Installation), [readthedocs](https://webscripts.readthedocs.io/en/latest/Installation/)\n - Configurations:\n    - Usages: [wiki](https://github.com/mauricelambert/WebScripts/wiki/Usages), [readthedocs](https://webscripts.readthedocs.io/en/latest/Usages/)\n    - Server Configurations: [wiki](https://github.com/mauricelambert/WebScripts/wiki/Server-Configuration), [readthedocs](https://webscripts.readthedocs.io/en/latest/Server_Configuration/)\n    - Scripts Configurations: [wiki](https://github.com/mauricelambert/WebScripts/wiki/Script-Configuration), [readthedocs](https://webscripts.readthedocs.io/en/latest/Script_Configuration/)\n    - Arguments Configurations: [wiki](https://github.com/mauricelambert/WebScripts/wiki/Argument-Configuration), [readthedocs](https://webscripts.readthedocs.io/en/latest/Argument_Configuration/)\n - Logs: [wiki](https://github.com/mauricelambert/WebScripts/wiki/Logs), [readthedocs](https://webscripts.readthedocs.io/en/latest/Logs/)\n - Authentication: [wiki](https://github.com/mauricelambert/WebScripts/wiki/Authentication), [readthedocs](https://webscripts.readthedocs.io/en/latest/Authentication/)\n - Default Database: [wiki](https://github.com/mauricelambert/WebScripts/wiki/Default-Database), [readthedocs](https://webscripts.readthedocs.io/en/latest/Default_Database/)\n - Access and Permissions: [wiki](https://github.com/mauricelambert/WebScripts/wiki/Access-and-Permissions), [readthedocs](https://webscripts.readthedocs.io/en/latest/Users_Access_and_Rights/)\n - API: [wiki](https://github.com/mauricelambert/WebScripts/wiki/API), [readthedocs](https://webscripts.readthedocs.io/en/latest/API/)\n - Development and Administration Tools: [wiki](https://github.com/mauricelambert/WebScripts/wiki/Development-and-Administration-Tools), [readthedocs](https://webscripts.readthedocs.io/en/latest/Development_and_Administration_Tools/)\n - Customize:\n    - WEB Interface: [wiki](https://github.com/mauricelambert/WebScripts/wiki/WEB-Interface), [readthedocs](https://webscripts.readthedocs.io/en/latest/WEB_Interface/)\n    - Modules: [wiki](https://github.com/mauricelambert/WebScripts/wiki/Modules), [readthedocs](https://webscripts.readthedocs.io/en/latest/Modules/)\n - Security:\n    - Security Considerations: [wiki](https://github.com/mauricelambert/WebScripts/wiki/Security-Considerations), [readthedocs](https://webscripts.readthedocs.io/en/latest/Security_Considerations/)\n    - Code analysis for security (SAST and DAST): [wiki](https://github.com/mauricelambert/WebScripts/wiki/Code-Analysis-for-Security), [readthedocs](https://webscripts.readthedocs.io/en/latest/Code_Analysis_for_Security/)\n    - Security checks and tests (pentest): [wiki](https://github.com/mauricelambert/WebScripts/wiki/Pentest), [readthedocs](https://webscripts.readthedocs.io/en/latest/Pentest/)\n - Examples:\n    - Deployment: [wiki](https://github.com/mauricelambert/WebScripts/wiki/Deployment), [readthedocs](https://webscripts.readthedocs.io/en/latest/Deployment/)\n    - Add a bash script (for authentication): [wiki](https://github.com/mauricelambert/WebScripts/wiki/Add-Script), [readthedocs](https://webscripts.readthedocs.io/en/latest/Add_Script/)\n    - Add a module: [wiki](https://github.com/mauricelambert/WebScripts/wiki/Add-Module), [readthedocs](https://webscripts.readthedocs.io/en/latest/Add_Module/)\n    - Make a custom API client: [wiki](https://github.com/mauricelambert/WebScripts/wiki/API-Client), [readthedocs](https://webscripts.readthedocs.io/en/latest/API_Client/)\n\n## Links\n\n - [Pypi](https://pypi.org/project/WebScripts)\n - [Github](https://github.com/mauricelambert/WebScripts)\n - [ReadTheDocs](https://webscripts.readthedocs.io/en/latest/)\n - RSS Feed [pypi](https://pypi.org/rss/project/webscripts/releases.xml), [libraries](https://libraries.io/pypi/WebScripts/versions.atom)\n - [WebScripts Server presentation](https://www.slideshare.net/MauriceLambert1/webscripts-server-251581216)\n\n## Screenshots\n\n![Index page (dark)](https://mauricelambert.github.io/info/python/code/WebScripts/images/WebScripts3_dark_mode_index.PNG \"Index page (dark)\")\n*Index page (dark)*\n![Text script (dark)](https://mauricelambert.github.io/info/python/code/WebScripts/images/WebScripts3_dark_mode_script_text.PNG \"Text script (dark)\")\n*Text script (dark)*\n![HTML script (light)](https://mauricelambert.github.io/info/python/code/WebScripts/images/WebScripts3_light_mode_script_html.PNG \"HTML script (light)\")\n*HTML script (light)*\n\n## License\n\nLicensed under the [GPL, version 3](https://www.gnu.org/licenses/).\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmauricelambert%2Fwebscripts","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmauricelambert%2Fwebscripts","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmauricelambert%2Fwebscripts/lists"}