yawast 0.5.0.beta2 → 0.5.0.beta3
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/README.md +312 -244
- data/bin/yawast +2 -0
- data/lib/resources/common_file.txt +29 -0
- data/lib/resources/srv_list.txt +775 -0
- data/lib/resources/subdomain_list.txt +2354 -0
- data/lib/scanner/core.rb +1 -1
- data/lib/scanner/generic.rb +6 -107
- data/lib/scanner/plugins/dns/generic.rb +195 -0
- data/lib/scanner/plugins/ssl/sweet32.rb +85 -0
- data/lib/scanner/ssl.rb +18 -50
- data/lib/scanner/ssl_labs.rb +1 -1
- data/lib/version.rb +1 -1
- data/yawast.gemspec +1 -0
- metadata +20 -2
data/README.md
CHANGED
@@ -121,12 +121,52 @@ In addition to these tests, certain basic information is also displayed, such as
|
|
121
121
|
|
122
122
|
### Usage
|
123
123
|
|
124
|
-
* Standard scan: `./yawast scan <url> [--internalssl] [--tdessessioncount] [--nossl] [--nociphers] [--dir] [--dirrecursive] [--dirlistredir] [--proxy localhost:8080] [--cookie SESSIONID=12345]`
|
124
|
+
* Standard scan: `./yawast scan <url> [--internalssl] [--tdessessioncount] [--nossl] [--nociphers] [--dir] [--dirrecursive] [--dirlistredir] [--files] [--srv [--subdomains] [--proxy localhost:8080] [--cookie SESSIONID=12345]`
|
125
125
|
* HEAD-only scan: `./yawast head <url> [--internalssl] [--tdessessioncount] [--nossl] [--nociphers] [--proxy localhost:8080] [--cookie SESSIONID=12345]`
|
126
126
|
* SSL information: `./yawast ssl <url> [--internalssl] [--tdessessioncount] [--nociphers]`
|
127
127
|
* CMS detection: `./yawast cms <url> [--proxy localhost:8080] [--cookie SESSIONID=12345]`
|
128
128
|
|
129
|
-
For detailed information, just call `./yawast -h` to see the help page. To see information for a specific command, call `./yawast -h <command>` for full details.
|
129
|
+
For detailed information, just call `./yawast -h` to see the help page. To see information for a specific command, call `./yawast -h <command>` for full details. Here is an example, the details for the options to the `scan` command:
|
130
|
+
|
131
|
+
```
|
132
|
+
OPTIONS:
|
133
|
+
|
134
|
+
--nossl
|
135
|
+
Disables SSL checks
|
136
|
+
|
137
|
+
--nociphers
|
138
|
+
Disables check for supported ciphers (only with --internalssl)
|
139
|
+
|
140
|
+
--internalssl
|
141
|
+
Disable SSL Labs integration
|
142
|
+
|
143
|
+
--tdessessioncount
|
144
|
+
Counts the number of messages that can be sent in a single session
|
145
|
+
|
146
|
+
--dir
|
147
|
+
Enables directory search
|
148
|
+
|
149
|
+
--dirrecursive
|
150
|
+
Recursive directory search (only with --dir)
|
151
|
+
|
152
|
+
--dirlistredir
|
153
|
+
Show 301 redirects (only with --dir)
|
154
|
+
|
155
|
+
--files
|
156
|
+
Performs a search for a large list of common files
|
157
|
+
|
158
|
+
--srv
|
159
|
+
Scan for known SRV DNS Records
|
160
|
+
|
161
|
+
--subdomains
|
162
|
+
Search for Common Subdomains
|
163
|
+
|
164
|
+
--proxy STRING
|
165
|
+
HTTP Proxy Server (such as Burp Suite)
|
166
|
+
|
167
|
+
--cookie STRING
|
168
|
+
Session cookie
|
169
|
+
```
|
130
170
|
|
131
171
|
### Using with Burp Suite
|
132
172
|
|
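Review bot: In the updated `Standard scan` usage line, `[--files] [--srv [--subdomains]` never closes the bracket opened before `--srv`, so the synopsis reads as if `--subdomains` were nested under `--srv`. The option list added further down in this hunk documents `--srv` and `--subdomains` as independent flags, so the synopsis should read `[--srv] [--subdomains]`.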
@@ -145,248 +185,276 @@ For authenticated testing, YAWAST allows you to specify a cookie to be passed vi
|
|
145
185
|
Using `scan` - the normal go-to option, here's what you get when scanning my website:
|
146
186
|
|
147
187
|
```
|
148
|
-
$ yawast scan https://adamcaudill.com --dir --
|
149
|
-
|
150
|
-
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
157
|
-
|
158
|
-
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
|
169
|
-
|
170
|
-
|
171
|
-
|
172
|
-
|
173
|
-
|
174
|
-
|
175
|
-
|
176
|
-
|
177
|
-
|
178
|
-
|
179
|
-
|
180
|
-
|
181
|
-
|
182
|
-
|
183
|
-
|
184
|
-
|
185
|
-
|
186
|
-
|
187
|
-
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
|
198
|
-
|
199
|
-
|
200
|
-
|
201
|
-
|
202
|
-
|
203
|
-
|
204
|
-
|
205
|
-
|
206
|
-
|
207
|
-
|
208
|
-
|
209
|
-
|
210
|
-
|
211
|
-
|
212
|
-
|
213
|
-
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
|
220
|
-
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
|
236
|
-
|
237
|
-
|
238
|
-
|
239
|
-
|
240
|
-
|
241
|
-
|
242
|
-
|
243
|
-
|
244
|
-
|
245
|
-
|
246
|
-
|
247
|
-
|
248
|
-
|
249
|
-
|
250
|
-
|
251
|
-
|
252
|
-
|
253
|
-
|
254
|
-
|
255
|
-
|
256
|
-
|
257
|
-
|
258
|
-
|
259
|
-
|
260
|
-
|
261
|
-
|
262
|
-
|
263
|
-
|
264
|
-
|
265
|
-
|
266
|
-
|
267
|
-
|
268
|
-
|
269
|
-
|
270
|
-
|
271
|
-
|
272
|
-
|
273
|
-
|
274
|
-
|
275
|
-
|
276
|
-
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
281
|
-
|
282
|
-
|
283
|
-
|
284
|
-
|
285
|
-
|
286
|
-
|
287
|
-
|
288
|
-
|
289
|
-
|
290
|
-
|
291
|
-
|
292
|
-
|
293
|
-
|
294
|
-
|
295
|
-
|
296
|
-
|
297
|
-
|
298
|
-
|
299
|
-
|
300
|
-
|
301
|
-
|
302
|
-
|
303
|
-
|
304
|
-
|
305
|
-
|
306
|
-
|
307
|
-
|
308
|
-
|
309
|
-
|
310
|
-
|
311
|
-
|
312
|
-
|
313
|
-
|
314
|
-
|
315
|
-
|
316
|
-
|
317
|
-
|
318
|
-
|
319
|
-
|
320
|
-
|
321
|
-
|
322
|
-
|
323
|
-
|
324
|
-
|
325
|
-
|
326
|
-
|
327
|
-
|
328
|
-
|
329
|
-
|
330
|
-
|
331
|
-
|
332
|
-
|
333
|
-
|
334
|
-
|
335
|
-
|
336
|
-
|
337
|
-
|
338
|
-
|
339
|
-
|
340
|
-
|
341
|
-
|
342
|
-
|
343
|
-
|
344
|
-
|
345
|
-
|
346
|
-
|
347
|
-
|
348
|
-
|
349
|
-
|
350
|
-
|
351
|
-
|
352
|
-
|
353
|
-
|
354
|
-
|
355
|
-
|
356
|
-
|
357
|
-
|
358
|
-
|
359
|
-
|
360
|
-
|
361
|
-
|
362
|
-
|
363
|
-
|
364
|
-
|
365
|
-
|
366
|
-
|
367
|
-
|
368
|
-
|
369
|
-
|
370
|
-
|
371
|
-
|
372
|
-
|
373
|
-
|
374
|
-
|
375
|
-
|
376
|
-
|
377
|
-
|
378
|
-
|
379
|
-
|
380
|
-
|
381
|
-
|
382
|
-
|
383
|
-
|
384
|
-
|
385
|
-
|
386
|
-
|
387
|
-
|
388
|
-
|
389
|
-
|
188
|
+
$ yawast scan https://adamcaudill.com --tdessessioncount --dir --files --srv --subdomains
|
189
|
+
__ _____ _ _ ___ _____ _____
|
190
|
+
\ \ / / _ \| | | |/ _ \ / ___|_ _|
|
191
|
+
\ V / /_\ \ | | / /_\ \\ `--. | |
|
192
|
+
\ /| _ | |/\| | _ | `--. \ | |
|
193
|
+
| || | | \ /\ / | | |/\__/ / | |
|
194
|
+
\_/\_| |_/\/ \/\_| |_/\____/ \_/
|
195
|
+
|
196
|
+
YAWAST v0.5.0.beta3 - The YAWAST Antecedent Web Application Security Toolkit
|
197
|
+
Copyright (c) 2013-2017 Adam Caudill <adam@adamcaudill.com>
|
198
|
+
Support & Documentation: https://github.com/adamcaudill/yawast
|
199
|
+
Ruby 2.2.4-p230; OpenSSL 1.0.2j 26 Sep 2016 (x86_64-darwin16)
|
200
|
+
|
201
|
+
Scanning: https://adamcaudill.com/
|
202
|
+
|
203
|
+
DNS Information:
|
204
|
+
[I] 104.28.27.55 (N/A)
|
205
|
+
[I] US - CLOUDFLARENET - CloudFlare, Inc.
|
206
|
+
[I] San Francisco, California, US
|
207
|
+
https://www.shodan.io/host/104.28.27.55
|
208
|
+
https://censys.io/ipv4/104.28.27.55
|
209
|
+
[I] 104.28.26.55 (N/A)
|
210
|
+
[I] US - CLOUDFLARENET - CloudFlare, Inc.
|
211
|
+
[I] San Francisco, California, US
|
212
|
+
https://www.shodan.io/host/104.28.26.55
|
213
|
+
https://censys.io/ipv4/104.28.26.55
|
214
|
+
[I] 2400:CB00:2048:1::681C:1B37 (N/A)
|
215
|
+
[I] US - CLOUDFLARENET - CloudFlare, Inc.
|
216
|
+
[I] US
|
217
|
+
https://www.shodan.io/host/2400:cb00:2048:1::681c:1b37
|
218
|
+
[I] 2400:CB00:2048:1::681C:1A37 (N/A)
|
219
|
+
[I] US - CLOUDFLARENET - CloudFlare, Inc.
|
220
|
+
[I] US
|
221
|
+
https://www.shodan.io/host/2400:cb00:2048:1::681c:1a37
|
222
|
+
[I] TXT: google-site-verification=QTO_7Q7UXmrUIwieJliLTXV3XuQdqNvTPVcug_TwH0w
|
223
|
+
[I] TXT: v=spf1 mx a ptr include:_spf.google.com ~all
|
224
|
+
[I] TXT: brave-ledger-verification=1
|
225
|
+
[I] MX: aspmx5.googlemail.com (30) - 64.233.161.27 (US - GOOGLE - Google Inc.)
|
226
|
+
[I] MX: aspmx4.googlemail.com (30) - 74.125.143.26 (US - GOOGLE - Google Inc.)
|
227
|
+
[I] MX: aspmx3.googlemail.com (30) - 64.233.186.27 (US - GOOGLE - Google Inc.)
|
228
|
+
[I] MX: alt2.aspmx.l.google.com (20) - 74.125.133.26 (US - GOOGLE - Google Inc.)
|
229
|
+
[I] MX: aspmx2.googlemail.com (30) - 209.85.202.26 (US - GOOGLE - Google Inc.)
|
230
|
+
[I] MX: alt1.aspmx.l.google.com (20) - 209.85.202.27 (US - GOOGLE - Google Inc.)
|
231
|
+
[I] MX: aspmx.l.google.com (10) - 108.177.12.27 (US - GOOGLE - Google Inc.)
|
232
|
+
[I] NS: hal.ns.cloudflare.com - 173.245.59.174 (US - CLOUDFLARENET - CloudFlare, Inc.)
|
233
|
+
[I] NS: vera.ns.cloudflare.com - 173.245.58.147 (US - CLOUDFLARENET - CloudFlare, Inc.)
|
234
|
+
[I] SRV: _bittorrent._tcp.adamcaudill.com: example.com:1 - 93.184.216.34 (US - EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business)
|
235
|
+
[I] A: www.adamcaudill.com: 104.28.27.55 (US - CLOUDFLARENET - CloudFlare, Inc.)
|
236
|
+
[I] A: www.adamcaudill.com: 104.28.26.55 (US - CLOUDFLARENET - CloudFlare, Inc.)
|
237
|
+
|
238
|
+
[I] HEAD:
|
239
|
+
[I] date: Sat, 11 Mar 2017 20:25:53 GMT
|
240
|
+
[I] content-type: text/html; charset=UTF-8
|
241
|
+
[I] connection: close
|
242
|
+
[I] set-cookie: __cfduid=1; expires=Sun, 11-Mar-18 20:25:53 GMT; path=/; domain=.adamcaudill.com; HttpOnly
|
243
|
+
[I] vary: Accept-Encoding,Cookie
|
244
|
+
[I] last-modified: Sun, 05 Mar 2017 16:55:57 GMT
|
245
|
+
[I] x-content-type-options: nosniff
|
246
|
+
[I] x-frame-options: sameorigin
|
247
|
+
[I] pragma: public
|
248
|
+
[I] cache-control: public, max-age=86400
|
249
|
+
[I] cf-cache-status: HIT
|
250
|
+
[I] expires: Sun, 12 Mar 2017 20:25:53 GMT
|
251
|
+
[I] strict-transport-security: max-age=15552000; preload
|
252
|
+
[I] server: cloudflare-nginx
|
253
|
+
[I] cf-ray: 1-MIA
|
254
|
+
|
255
|
+
[I] NOTE: Server appears to be Cloudflare; WAF may be in place.
|
256
|
+
|
257
|
+
[I] X-Frame-Options Header: sameorigin
|
258
|
+
[I] X-Content-Type-Options Header: nosniff
|
259
|
+
[W] Content-Security-Policy Header Not Present
|
260
|
+
[W] Public-Key-Pins Header Not Present
|
261
|
+
|
262
|
+
[I] Cookies:
|
263
|
+
[I] __cfduid=1; expires=Sun, 11-Mar-18 20:25:53 GMT; path=/; domain=.adamcaudill.com; HttpOnly
|
264
|
+
[W] Cookie missing Secure flag
|
265
|
+
[W] Cookie missing SameSite flag
|
266
|
+
|
267
|
+
|
268
|
+
Beginning SSL Labs scan (this could take a minute or two)
|
269
|
+
[SSL Labs] This assessment service is provided free of charge by Qualys SSL Labs, subject to our terms and conditions: https://www.ssllabs.com/about/terms.html
|
270
|
+
............................
|
271
|
+
|
272
|
+
SSL Labs: https://www.ssllabs.com/ssltest/analyze.html?d=adamcaudill.com&hideResults=on
|
273
|
+
|
274
|
+
[I] IP: 104.28.27.55 - Grade: A+
|
275
|
+
|
276
|
+
Certificate Information:
|
277
|
+
[I] Subject: CN=sni67677.cloudflaressl.com,OU=PositiveSSL Multi-Domain,OU=Domain Control Validated
|
278
|
+
[I] Common Names: ["sni67677.cloudflaressl.com"]
|
279
|
+
[I] Alternative names:
|
280
|
+
[I] sni67677.cloudflaressl.com
|
281
|
+
[I] *.adamcaudill.com
|
282
|
+
[I] adamcaudill.com
|
283
|
+
[I] Not Before: 2017-02-23T00:00:00+00:00
|
284
|
+
[I] Not After: 2017-08-06T23:59:59+00:00
|
285
|
+
[I] Key: EC 256 (RSA equivalent: 3072)
|
286
|
+
[I] Public Key Hash: c19ebb18e1bb524f684f89cd90f8c6365277f678
|
287
|
+
[I] Version: 2
|
288
|
+
[I] Serial: 220844199202016449134238880152306048120
|
289
|
+
[I] Issuer: COMODO ECC Domain Validation Secure Server CA 2
|
290
|
+
[I] Signature algorithm: SHA256withECDSA
|
291
|
+
[I] Extended Validation: No (Domain Control)
|
292
|
+
[I] Certificate Transparency: No
|
293
|
+
[I] OCSP Must Staple: No
|
294
|
+
[I] Revocation information: CRL information available
|
295
|
+
[I] Revocation information: OCSP information available
|
296
|
+
[I] Revocation status: certificate not revoked
|
297
|
+
[I] Extensions:
|
298
|
+
[I] authorityKeyIdentifier = keyid:40:09:61:67:F0:BC:83:71:4F:DE:12:08:2C:6F:D4:D4:2B:76:3D:96,
|
299
|
+
[I] subjectKeyIdentifier = D0:F8:D6:82:36:B5:5C:AC:2D:9A:8E:7B:D9:D5:E6:99:38:B6:8C:FE
|
300
|
+
[I] keyUsage = critical, Digital Signature
|
301
|
+
[I] basicConstraints = critical, CA:FALSE
|
302
|
+
[I] extendedKeyUsage = TLS Web Server Authentication, TLS Web Client Authentication
|
303
|
+
[I] certificatePolicies = Policy: 1.3.6.1.4.1.6449.1.2.2.7, CPS: https://secure.comodo.com/CPS, Policy: 2.23.140.1.2.1,
|
304
|
+
[I] crlDistributionPoints = , Full Name:, URI:http://crl.comodoca4.com/COMODOECCDomainValidationSecureServerCA2.crl,
|
305
|
+
[I] authorityInfoAccess = CA Issuers - URI:http://crt.comodoca4.com/COMODOECCDomainValidationSecureServerCA2.crt, OCSP - URI:http://ocsp.comodoca4.com,
|
306
|
+
[I] Hash: 9f911f4c6f6b58bb239c526ad8eb8cc5ef641947
|
307
|
+
https://censys.io/certificates?q=9f911f4c6f6b58bb239c526ad8eb8cc5ef641947
|
308
|
+
https://crt.sh/?q=9f911f4c6f6b58bb239c526ad8eb8cc5ef641947
|
309
|
+
|
310
|
+
Configuration Information:
|
311
|
+
Protocol Support:
|
312
|
+
[I] TLS 1.0
|
313
|
+
[I] TLS 1.1
|
314
|
+
[I] TLS 1.2
|
315
|
+
|
316
|
+
Cipher Suite Support:
|
317
|
+
[I] TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - 128-bits - ECDHE-256-bits
|
318
|
+
[I] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - 128-bits - ECDHE-256-bits
|
319
|
+
[I] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - 128-bits - ECDHE-256-bits
|
320
|
+
[I] TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - 256-bits - ECDHE-256-bits
|
321
|
+
[I] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - 256-bits - ECDHE-256-bits
|
322
|
+
[I] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - 256-bits - ECDHE-256-bits
|
323
|
+
[I] TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 - 256-bits - ECDHE-256-bits
|
324
|
+
[I] OLD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 - 256-bits - ECDHE-256-bits
|
325
|
+
[W] TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - 112-bits - ECDHE-256-bits
|
326
|
+
|
327
|
+
Handshake Simulation:
|
328
|
+
[E] Android 2.3.7 - Simulation Failed
|
329
|
+
[I] Android 4.0.4 - TLS 1.0 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
330
|
+
[I] Android 4.1.1 - TLS 1.0 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
331
|
+
[I] Android 4.2.2 - TLS 1.0 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
332
|
+
[I] Android 4.3 - TLS 1.0 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
333
|
+
[I] Android 4.4.2 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
334
|
+
[I] Android 5.0.0 - TLS 1.2 - OLD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
|
335
|
+
[I] Android 6.0 - TLS 1.2 - OLD_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
|
336
|
+
[I] Android 7.0 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
|
337
|
+
[I] Baidu Jan 2015 - TLS 1.0 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
338
|
+
[I] BingPreview Jan 2015 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
339
|
+
[E] Chrome 49 / XP SP3 - Simulation Failed
|
340
|
+
[I] Chrome 51 / Win 7 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
341
|
+
[I] Firefox 31.3.0 ESR / Win 7 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
342
|
+
[I] Firefox 47 / Win 7 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
343
|
+
[I] Firefox 49 / XP SP3 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
344
|
+
[I] Firefox 49 / Win 7 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
345
|
+
[I] Googlebot Feb 2015 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
346
|
+
[E] IE 6 / XP - Simulation Failed
|
347
|
+
[I] IE 7 / Vista - TLS 1.0 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
348
|
+
[E] IE 8 / XP - Simulation Failed
|
349
|
+
[I] IE 8-10 / Win 7 - TLS 1.0 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
350
|
+
[I] IE 11 / Win 7 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
351
|
+
[I] IE 11 / Win 8.1 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
352
|
+
[I] IE 10 / Win Phone 8.0 - TLS 1.0 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
353
|
+
[I] IE 11 / Win Phone 8.1 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
354
|
+
[I] IE 11 / Win Phone 8.1 Update - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
355
|
+
[I] IE 11 / Win 10 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
356
|
+
[I] Edge 13 / Win 10 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
357
|
+
[I] Edge 13 / Win Phone 10 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
358
|
+
[E] Java 6u45 - Simulation Failed
|
359
|
+
[I] Java 7u25 - TLS 1.0 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
360
|
+
[I] Java 8u31 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
361
|
+
[E] OpenSSL 0.9.8y - Simulation Failed
|
362
|
+
[I] OpenSSL 1.0.1l - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
363
|
+
[I] OpenSSL 1.0.2e - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
364
|
+
[I] Safari 5.1.9 / OS X 10.6.8 - TLS 1.0 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
365
|
+
[I] Safari 6 / iOS 6.0.1 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
|
366
|
+
[I] Safari 6.0.4 / OS X 10.8.4 - TLS 1.0 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
|
367
|
+
[I] Safari 7 / iOS 7.1 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
|
368
|
+
[I] Safari 7 / OS X 10.9 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
|
369
|
+
[I] Safari 8 / iOS 8.4 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
|
370
|
+
[I] Safari 8 / OS X 10.10 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
|
371
|
+
[I] Safari 9 / iOS 9 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
372
|
+
[I] Safari 9 / OS X 10.11 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
373
|
+
[I] Safari 10 / iOS 10 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
374
|
+
[I] Safari 10 / OS X 10.12 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
375
|
+
[I] Apple ATS 9 / iOS 9 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
376
|
+
[I] Yahoo Slurp Jan 2015 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
377
|
+
[I] YandexBot Jan 2015 - TLS 1.2 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
378
|
+
|
379
|
+
Protocol & Vulnerability Information:
|
380
|
+
[I] DROWN: No
|
381
|
+
[I] Secure Renegotiation: secure renegotiation supported
|
382
|
+
[I] POODLE (SSL): No
|
383
|
+
[I] POODLE (TLS): No
|
384
|
+
[I] Downgrade Prevention: Yes
|
385
|
+
[I] Compression: No
|
386
|
+
[I] Heartbleed: No
|
387
|
+
[I] OpenSSL CCS (CVE-2014-0224): No
|
388
|
+
[I] OpenSSL Padding Oracle (CVE-2016-2107): No
|
389
|
+
[I] Forward Secrecy: Yes (all simulated clients)
|
390
|
+
[I] OCSP Stapling: Yes
|
391
|
+
[I] FREAK: No
|
392
|
+
[I] Logjam: No
|
393
|
+
[I] DH public server param (Ys) reuse: No
|
394
|
+
[I] Protocol Intolerance: No
|
395
|
+
|
396
|
+
TLS Session Request Limit: Checking number of requests accepted using 3DES suites...
|
397
|
+
Cloudflare server found: SWEET32 mitigated: https://support.cloudflare.com/hc/en-us/articles/231510928
|
398
|
+
|
399
|
+
[I] HSTS: Enabled (strict-transport-security: max-age=15552000; preload)
|
400
|
+
[I] HSTS Preload: Chrome - false; Firefox - false; Tor - false
|
401
|
+
[W] '/readme.html' found: https://adamcaudill.com/readme.html
|
402
|
+
|
403
|
+
|
404
|
+
Checking for common files (this will take a few minutes)...
|
405
|
+
[I] '/favicon.ico' found: https://adamcaudill.com/favicon.ico
|
406
|
+
[I] '/license.txt' found: https://adamcaudill.com/license.txt
|
407
|
+
[I] '/robots.txt' found: https://adamcaudill.com/robots.txt
|
408
|
+
[I] '/sitemap_index.xml' found: https://adamcaudill.com/sitemap_index.xml
|
409
|
+
[I] '/tools' found: https://adamcaudill.com/tools
|
410
|
+
[I] '/wp-config.php' found: https://adamcaudill.com/wp-config.php
|
411
|
+
[I] '/wp-cron.php' found: https://adamcaudill.com/wp-cron.php
|
412
|
+
[I] '/wp-links-opml.php' found: https://adamcaudill.com/wp-links-opml.php
|
413
|
+
[I] '/wp-load.php' found: https://adamcaudill.com/wp-load.php
|
414
|
+
[I] '/wp-login.php' found: https://adamcaudill.com/wp-login.php
|
415
|
+
[I] '/keybase.txt' found: https://adamcaudill.com/keybase.txt
|
416
|
+
|
417
|
+
Searching for common directories...
|
418
|
+
[I] Found: 'https://adamcaudill.com//'
|
419
|
+
[I] Found: 'https://adamcaudill.com/0000/'
|
420
|
+
[I] Found: 'https://adamcaudill.com/2004/'
|
421
|
+
[I] Found: 'https://adamcaudill.com/2003/'
|
422
|
+
[I] Found: 'https://adamcaudill.com/2005/'
|
423
|
+
[I] Found: 'https://adamcaudill.com/2006/'
|
424
|
+
[I] Found: 'https://adamcaudill.com/2007/'
|
425
|
+
[I] Found: 'https://adamcaudill.com/2008/'
|
426
|
+
[I] Found: 'https://adamcaudill.com/2011/'
|
427
|
+
[I] Found: 'https://adamcaudill.com/2009/'
|
428
|
+
[I] Found: 'https://adamcaudill.com/2010/'
|
429
|
+
[I] Found: 'https://adamcaudill.com/2012/'
|
430
|
+
[I] Found: 'https://adamcaudill.com/2013/'
|
431
|
+
[I] Found: 'https://adamcaudill.com/2015/'
|
432
|
+
[I] Found: 'https://adamcaudill.com/2014/'
|
433
|
+
[I] Found: 'https://adamcaudill.com/2016/'
|
434
|
+
[I] Found: 'https://adamcaudill.com/ABOUT/'
|
435
|
+
[I] Found: 'https://adamcaudill.com/ARCHIVES/'
|
436
|
+
[I] Found: 'https://adamcaudill.com/About/'
|
437
|
+
[I] Found: 'https://adamcaudill.com/Archives/'
|
438
|
+
[I] Found: 'https://adamcaudill.com/BLOG/'
|
439
|
+
[I] Found: 'https://adamcaudill.com/Blog/'
|
440
|
+
[I] Found: 'https://adamcaudill.com/Photo/'
|
441
|
+
[I] Found: 'https://adamcaudill.com/Resume/'
|
442
|
+
[I] Found: 'https://adamcaudill.com/TOOLS/'
|
443
|
+
[I] Found: 'https://adamcaudill.com/Tools/'
|
444
|
+
[I] Found: 'https://adamcaudill.com/about/'
|
445
|
+
[I] Found: 'https://adamcaudill.com/archives/'
|
446
|
+
[I] Found: 'https://adamcaudill.com/blog/'
|
447
|
+
[I] Found: 'https://adamcaudill.com/feed/'
|
448
|
+
[I] Found: 'https://adamcaudill.com/pgp/'
|
449
|
+
[I] Found: 'https://adamcaudill.com/photo/'
|
450
|
+
[I] Found: 'https://adamcaudill.com/reading/'
|
451
|
+
[I] Found: 'https://adamcaudill.com/resume/'
|
452
|
+
[I] Found: 'https://adamcaudill.com/speaking/'
|
453
|
+
[I] Found: 'https://adamcaudill.com/tools/'
|
454
|
+
[I] Found: 'https://adamcaudill.com/wp-content/'
|
455
|
+
|
456
|
+
[I] Meta Generator: WordPress 4.7.2
|
457
|
+
Scan complete.
|
390
458
|
```
|
391
459
|
|
392
460
|
### About The Output
|
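Review bot: The new sample output reports `'/wp-config.php' found` and `'/wp-load.php' found` at `[I]` alongside `/favicon.ico`, and the directory search lists `https://adamcaudill.com//` plus case variants (`ABOUT/`, `About/`, `about/`) as separate hits, but nothing in this hunk says what counts as "found". Consider adding a sentence under `### About The Output` stating the criterion for a hit, so readers do not take these lines to mean the file contents are exposed, or trim the duplicate entries from the sample.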
data/bin/yawast
CHANGED
@@ -21,6 +21,8 @@ command :scan do |c|
|
|
21
21
|
c.option '--dirrecursive', 'Recursive directory search (only with --dir)'
|
22
22
|
c.option '--dirlistredir', 'Show 301 redirects (only with --dir)'
|
23
23
|
c.option '--files', 'Performs a search for a large list of common files'
|
24
|
+
c.option '--srv', 'Scan for known SRV DNS Records'
|
25
|
+
c.option '--subdomains', 'Search for Common Subdomains'
|
24
26
|
c.option '--proxy STRING', String, 'HTTP Proxy Server (such as Burp Suite)'
|
25
27
|
c.option '--cookie STRING', String, 'Session cookie'
|
26
28
|
|
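Review bot: The help text for the added `--srv` and `--subdomains` options gives no hint of how much DNS traffic they generate, while this release's file list shows `srv_list.txt` at 775 lines and `subdomain_list.txt` at 2354 lines, presumably one lookup per entry. The neighbouring `--files` description already warns of "a large list"; a similar note here would set expectations. As a style point, the two new descriptions use title case ('Scan for known SRV DNS Records', 'Search for Common Subdomains') while the surrounding ones use sentence case ('Recursive directory search (only with --dir)').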