https://github.com/gridhead/pignus-framework-vulnerability-detector

# pignus-framework-vulnerability-detector
Version 0.03

A Python GUI application that scans websites to identify the frameworks they use and to detect vulnerabilities in them.

## Usage
1. Install and upgrade **virtualenv** if not already done by executing ```pip3 install virtualenv --user```
2. Clone the repository on your local drive and make it your current working directory.
3. Create a virtual environment by executing ```virtualenv venv```
4. Activate the virtual environment by executing ```source venv/bin/activate```
5. Install all dependencies for the project by executing ```pip3 install -r requirements.txt```
6. Run the project by executing ```python3 fwvulgui.py```
7. Scan URLs for frameworks one at a time by typing them into the text box.
8. Scan URLs for frameworks in a batch by specifying a text file that lists them one per line.
9. When done tinkering, deactivate the virtual environment by executing ```deactivate```
10. Give stars to the repository if it was helpful.

## To-do
- [X] Build GUI and prototype UX for loopholes
- [X] Add scanning function for single URL through text entry
- [X] Add scanning function for multiple URLs through file reading
- [X] Add timer function to note the duration for scanning
- [X] List down all tracked frameworks
- [X] Add clear button for all line edit boxes
- [ ] Add file picker module for text files
- [ ] Add scraped data about vulnerabilities
- [ ] List down vulnerabilities for all tracked frameworks
- [ ] Make miscellaneous bug fixes

## Changelog

### v0.01
1. Initial build
2. Built a robust GUI and checked loopholes
3. Resolved dependencies on ```data.json```
4. Added functionality to scan single URL

### v0.02
1. Added functionality to scan multiple URLs
2. Added timer function for scan time calculation
3. Handled exception where URLs could not be found
4. Added warning messages

### v0.03 (Current)
1. Switched fontface to improve legibility
2. Added clear button for all line edit boxes
3. Added message for timing and scan success
4. Added branched dictionary for multiple URLs

### v0.04 (Oncoming)
_To be decided_

## Screenshots
* Default window layout with no action (v0.03 onwards)
![Default window layout with no action (v0.03 onwards)](fwvuldef.png)
* Single URL scan for framework detection (Results from `t0xic0der.netlify.com`) (v0.03 onwards)
![Single URL scan for framework detection (Results from `t0xic0der.netlify.com`) (v0.03 onwards)](fwvult0x.png)
* Multiple URL scan through batch file input (v0.03 onwards)
![Multiple URL scan through batch file input (v0.03 onwards)](fwvulfil.png)

## Bugs
1. Scanning some URLs might take very long
2. Some domains have abstracted frameworks, so a scan returns nothing