Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/WangYihang/SourceLeakHacker
:bug: A multi threads web application source leak scanner
https://github.com/WangYihang/SourceLeakHacker
hacking-tool scanner webscanner websecurity
Last synced: 7 days ago
JSON representation
:bug: A multi threads web application source leak scanner
- Host: GitHub
- URL: https://github.com/WangYihang/SourceLeakHacker
- Owner: WangYihang
- Created: 2017-03-23T02:40:39.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2024-05-21T06:20:17.000Z (about 1 month ago)
- Last Synced: 2024-05-21T07:41:13.843Z (about 1 month ago)
- Topics: hacking-tool, scanner, webscanner, websecurity
- Language: Python
- Homepage:
- Size: 855 KB
- Stars: 373
- Watchers: 17
- Forks: 110
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- Security: SECURITY.md
Lists
- awesome-starz - WangYihang/SourceLeakHacker - :bug: A multi threads web application source leak scanner (Python)
- awesome-hacking-lists - SourceLeakHacker - :bug: A multi threads web application source leak scanner (Python (1887))
- awesome-hacking-lists - WangYihang/SourceLeakHacker - :bug: A multi threads web application source leak scanner (Python)
- awesome-hacking-lists - SourceLeakHacker - :bug: A multi threads web application source leak scanner (Python)
README
#### Description
SourceLeakHacker is a muilt-threads web directories scanner.
#### Installation
```
pip install -r requirements.txt
```
#### Usage
```
usage: SourceLeakHacker.py [options]
optional arguments:
-h, --help show this help message and exit
--url URL url to scan, eg: 'http://127.0.0.1/'
--urls URLS file contains urls to scan, one line one url.
--scale {full,tiny} build-in dictionary scale
--output OUTPUT output folder, default: result/YYYY-MM-DD hh:mm:ss
--threads THREADS, -t THREADS
threads numbers, default: 4
--timeout TIMEOUT HTTP request timeout
--level {CRITICAL,ERROR,WARNING,INFO,DEBUG}, -v {CRITICAL,ERROR,WARNING,INFO,DEBUG}
log level
--version, -V show program's version number and exit
```
#### Example
```
$ python SourceLeakHacker.py --url=http://baidu.com --threads=4 --timeout=8
[302] 0 3.035766 text/html; charset=iso-8859-1 http://baidu.com/_/_index.php
[302] 0 3.038096 text/html; charset=iso-8859-1 http://baidu.com/_/__index.php.bak
...
[302] 0 0.063973 text/html; charset=iso-8859-1 http://baidu.com/_adm/_index.php
[302] 0 0.081672 text/html; charset=iso-8859-1 http://baidu.com/_adm/_index.php.bak
Result save in file: result/2020-02-27 07:07:47.csv
```
```
$ cat url.txt
http://baidu.com/
http://google.com/
$ python SourceLeakHacker.py --urls=url.txt --threads=4 --timeout=8
[302] 0 2.363600 text/html; charset=iso-8859-1 http://baidu.com/_/__index.php.bak
[302] 0 0.098417 text/html; charset=iso-8859-1 http://baidu.com/_adm/__index.php.bak
...
[302] 0 0.060524 text/html; charset=iso-8859-1 http://google.com/_adm/_index.php.bak
[302] 0 0.075042 text/html; charset=iso-8859-1 http://baidu.com/_adm/_index.php.back
Result save in file: result/2020-02-27 07:08:54.csv
```
#### Demo
#### TODOs
- [x] Arguments parser.
- [x] Store scan result into csv file.
- [x] Support for multiple urls (from file).
- [x] Add help comments for every params.
- [x] Update Usage.
- [x] Adjust dictionary elements order systematically.
- [x] Change logger in order to suite for both windows and linux.
- [x] Add log level.
- [x] Update Screenshots.
- [ ] Retry and avoid dead lock
- [ ] Store scan result into sqlite database.
- [ ] Download small url contents, then store them into sqlite database.
#### Known Bugs
- [ ] CTRL C does not works on windows platform