Eagle: Another Vulnerability Scanner

Project Eagle is a plugin-based vulnerability scanner used to detect low-severity errors.

Conditions

  1. Python> = 3.6
  2. Install python libraries

$ python3 -m pip -r requirements.txt

  1. Works on Windows and Linux

Use

Attack online target
$ python3 main.py -f domains.txt –ping
Basic use
$ python3 main.py -f domains.txt
Advanced use
$ python3 main.py -f domains.txt -w 10 –db output.db.json

Specifications

  1. CRLF
  2. Sensitive files eg (.git, info.php ..)
  3. takeover
  4. ftp login
  5. S3 buckets misconfiguration including automatic takeover and
  6. HTTP Request Smuggling
  7. Firebase database misconfiguration
  8. Senstive information disclosure eg (API Keys, Secrets ..) including JS files and HTML pages
  9. Missing SPF Records
  10. Path Traversal
  11. PHP-CGI - CVE_2012_1823
  12. Shell Shock - CVE_2014_6271
  13. Struts RCE - CVE_2018_11776
  14. WebLogic RCE - CVE_2019_2725
  15. Confluence LFI - CVE_2019_3396
  16. Ruby on Rails LFI - CVE_2019_5418
  17. Atlassian SSRF - CVE_2019_8451
  18. Apache Httpd mod_rewrite - CVE_2019_10098

You can download the program from here.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.082 registrants.

EagleVulnerabilityScanner

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).