dotspot 0.0.1__tar.gz

dotspot-0.0.1/.gitignore

@@ -0,0 +1,34 @@
+# Python bytecode
+__pycache__/
+*.py[cod]
+*$py.class
+
+# Virtual environment
+venv/
+.env/
+.env
+
+# Environment variables
+.env.*
+!.env.example
+
+# OS files
+.DS_Store
+Thumbs.db
+
+.vscode/
+.idea/
+
+# Logs
+*.log
+
+# Reports
+reports/
+
+# Cache
+*.cache
+
+# Build artifacts
+dist/
+build/
+*.egg-info/

dotspot-0.0.1/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Sagnik Mukherjee
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

dotspot-0.0.1/PKG-INFO

@@ -0,0 +1,83 @@
+Metadata-Version: 2.4
+Name: dotspot
+Version: 0.0.1
+Summary: A powerful web vulnerability scanner with SQL injection, SSTI, exposed path detection, and AI-powered analysis.
+Author: Sagnik Mukherjee
+License-Expression: MIT
+Project-URL: Homepage, https://github.com/itssagnikmukherjee/dotSpot
+Project-URL: Repository, https://github.com/itssagnikmukherjee/dotSpot
+Project-URL: Issues, https://github.com/itssagnikmukherjee/dotSpot/issues
+Keywords: security,scanner,vulnerability,pentesting,web-security
+Classifier: Development Status :: 3 - Alpha
+Classifier: Environment :: Console
+Classifier: Intended Audience :: Developers
+Classifier: Intended Audience :: Information Technology
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Topic :: Security
+Requires-Python: >=3.9
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: requests>=2.28
+Requires-Dist: rich>=13.0
+Requires-Dist: urllib3>=2.0
+Requires-Dist: groq>=0.4
+Dynamic: license-file
+
+# dotSpot
+
+A powerful web vulnerability scanner built in Python.
+
+## Features
+
+- **SQL Injection (SQLi)** detection with comprehensive payload testing
+- **Server-Side Template Injection (SSTI)** scanning
+- **Exposed Path Discovery** for sensitive files and directories
+- **Cookie Security** analysis
+- **HTML Comment** extraction for information leakage
+- **JavaScript Analysis** for secrets and sensitive data
+- **Base64 Decoding** of embedded data
+- **AI-Powered Analysis** via Groq for intelligent scan report summaries
+
+## Installation
+
+```bash
+pip install dotspot
+```
+
+## Usage
+
+### Scan a target URL
+
+```bash
+dotspot scan <target-url>
+```
+
+You'll be prompted to choose between vulnerability scanning or flag hunting mode.
+
+### Analyze scan results with AI
+
+```bash
+dotspot analyze <scan-report.json>
+```
+
+Optionally pass `--api-key YOUR_KEY` or set the `GROQ_API_KEY` environment variable.
+
+### Show help
+
+```bash
+dotspot help
+```
+
+## Requirements
+
+- Python 3.9+
+
+## License
+
+MIT License — see [LICENSE](LICENSE) for details.

dotspot-0.0.1/README.md

@@ -0,0 +1,52 @@
+# dotSpot
+
+A powerful web vulnerability scanner built in Python.
+
+## Features
+
+- **SQL Injection (SQLi)** detection with comprehensive payload testing
+- **Server-Side Template Injection (SSTI)** scanning
+- **Exposed Path Discovery** for sensitive files and directories
+- **Cookie Security** analysis
+- **HTML Comment** extraction for information leakage
+- **JavaScript Analysis** for secrets and sensitive data
+- **Base64 Decoding** of embedded data
+- **AI-Powered Analysis** via Groq for intelligent scan report summaries
+
+## Installation
+
+```bash
+pip install dotspot
+```
+
+## Usage
+
+### Scan a target URL
+
+```bash
+dotspot scan <target-url>
+```
+
+You'll be prompted to choose between vulnerability scanning or flag hunting mode.
+
+### Analyze scan results with AI
+
+```bash
+dotspot analyze <scan-report.json>
+```
+
+Optionally pass `--api-key YOUR_KEY` or set the `GROQ_API_KEY` environment variable.
+
+### Show help
+
+```bash
+dotspot help
+```
+
+## Requirements
+
+- Python 3.9+
+
+## License
+
+MIT License — see [LICENSE](LICENSE) for details.

dotspot-0.0.1/checks/__init__.py

@@ -0,0 +1,17 @@
+from checks import exposed_paths
+from checks import cookies
+from checks import comments
+from checks import sqli
+from checks import ssti
+from checks import js_analysis
+from checks import base64_decode
+
+__all__ = [
+    'exposed_paths',
+    'cookies',
+    'comments',
+    'sqli',
+    'ssti',
+    'js_analysis',
+    'base64_decode',
+]

dotspot-0.0.1/checks/ai_overview.py

@@ -0,0 +1,155 @@
+import os
+import json
+import re
+from typing import Dict, Optional
+from rich.console import Console
+from rich.panel import Panel
+from rich.table import Table
+from rich.markdown import Markdown
+
+console = Console()
+
+GROQ_API_URL = os.environ.get("GROQ_API_URL")
+DEFAULT_MODEL = os.environ.get("DEFAULT_MODEL")
+
+TABLE_WIDTH = 100
+
+def get_groq_api_key() -> Optional[str]:
+    return os.environ.get("GROQ_API_KEY")
+
+
+def analyze_with_groq(scan_data: Dict, api_key: str) -> str:
+    try:
+        from groq import Groq, APIError
+    except ImportError:
+        console.print("Groq SDK not installed")
+        return ""
+    
+    client = Groq(api_key=api_key)
+    
+    findings_text = json.dumps(scan_data.get("findings", []), indent=2)
+
+    prompt_path = os.path.join(os.path.dirname(__file__), '..', 'data', 'prompt.txt')
+    prompt = open(prompt_path, "r").read()
+
+    try:
+        chat_completion = client.chat.completions.create(
+            messages=[
+                {"role": "system", "content": prompt},
+                {"role": "user", "content": findings_text}
+            ],
+            model=DEFAULT_MODEL,
+            temperature=0.3,
+            max_tokens=2000
+        )
+        
+        return chat_completion.choices[0].message.content
+    
+    except APIError as e:
+        console.print("Groq API Error")
+        console.print(f"Type: {type(e).__name__}")
+        console.print(f"Message: {str(e)}")
+        if "model" in str(e).lower():
+            console.print(f"Hint: The model '{DEFAULT_MODEL}' might be invalid or deprecated.")
+        return ""
+    except Exception as e:
+        console.print(f"Unexpected error during AI analysis: {e}")
+        return ""
+
+
+def analyze_scan_report(json_path: str, api_key: Optional[str] = None) -> None:
+    key = api_key or get_groq_api_key()
+    if not key:
+        console.print("API KEY NOT FOUND")
+        return
+
+    try:
+        with open(json_path, 'r') as f:
+            scan_data = json.load(f)
+    except FileNotFoundError:
+        console.print(f"File not found: {json_path}")
+        return
+    except json.JSONDecodeError:
+        console.print(f"Invalid JSON file: {json_path}")
+        return
+    
+    console.print(Panel.fit(
+        f"[bold cyan]Analyzing:[/] {json_path}\n"
+        f"[bold cyan]Model:[/] {DEFAULT_MODEL}",
+        title="[bold green]🤖 AI Analysis[/]",
+        border_style="green"
+    ))
+    
+    with console.status("[bold cyan]Analyzing with Groq AI...[/]", spinner="dots"):
+        analysis = analyze_with_groq(scan_data, key)
+    
+    if analysis:
+        console.print()
+        console.print(Panel(
+            Markdown(analysis),
+            title="[bold green]🔍 Security Analysis[/]",
+            border_style="cyan",
+            padding=(1, 2)
+        ))
+
+
+def _parse_ai_table(analysis: str) -> list:
+    rows = []
+    for line in analysis.strip().splitlines():
+        line = line.strip()
+        if not line or line.startswith('#') or line.startswith('---'):
+            continue
+        if 'vulnerability' in line.lower() and 'info' in line.lower() and 'fix' in line.lower():
+            continue
+        parts = [p.strip() for p in line.split('|')]
+        parts = [p for p in parts if p]
+        if len(parts) >= 3:
+            rows.append((parts[0], parts[1], parts[2]))
+        elif len(parts) == 2:
+            rows.append((parts[0], parts[1], "—"))
+        elif len(parts) == 1 and line.startswith('-'):
+            cleaned = line.lstrip('- ').strip()
+            if ':' in cleaned:
+                vuln, info = cleaned.split(':', 1)
+                rows.append((vuln.strip(), info.strip(), "—"))
+    return rows
+
+
+def run(ctx):
+    key = get_groq_api_key()
+    if not key:
+        return
+    
+    scan_data = {
+        "target_url": ctx.base_url,
+        "findings": [{"description": f} for f in ctx.findings],
+        "summary": {"total": len(ctx.findings)}
+    }
+    
+    with console.status("[bold cyan]Getting AI insights...[/]", spinner="dots"):
+        analysis = analyze_with_groq(scan_data, key)
+    
+    if analysis:
+        rows = _parse_ai_table(analysis)
+        if rows:
+            ai_table = Table(
+                title="[bold green]🤖 AI Insights[/]",
+                show_header=True,
+                header_style="bold cyan",
+                border_style="cyan",
+                show_lines=True,
+                width=TABLE_WIDTH,
+            )
+            ai_table.add_column("Vulnerability", style="red", ratio=1, no_wrap=False, overflow="fold")
+            ai_table.add_column("Info", style="white", ratio=2, no_wrap=False, overflow="fold")
+            ai_table.add_column("Potential Fix", style="green", ratio=2, no_wrap=False, overflow="fold")
+
+            for vuln, info, fix in rows:
+                ai_table.add_row(vuln, info, fix)
+            console.print(ai_table)
+        else:
+            console.print(Panel(
+                Markdown(analysis),
+                title="[bold green]🤖 AI Insights[/]",
+                border_style="cyan"
+            ))

dotspot-0.0.1/checks/base64_decode.py

@@ -0,0 +1,172 @@
+
+import re
+import base64
+from typing import List, Tuple, Optional
+from rich.console import Console
+
+from utils.http import safe_get
+
+console = Console()
+
+MIN_BASE64_LENGTH = 20
+MAX_FINDINGS = 10
+
+FALSE_POSITIVES = [
+    'data:image',
+    'data:audio',
+    'data:video',
+    'data:font',
+    'data:application',
+    'googleapis.com',
+    'gstatic.com',
+    'jquery',
+    'bootstrap',
+    'sourceMappingURL'
+]
+
+
+def is_valid_base64(s: str) -> bool:
+    if len(s) < MIN_BASE64_LENGTH:
+        return False
+    
+    if not re.match(r'^[A-Za-z0-9+/=]+$', s):
+        return False
+    
+    if len(s) % 4 not in [0, 2, 3]:
+        padded = s + '=' * (4 - len(s) % 4) if len(s) % 4 != 0 else s
+        if len(padded) % 4 != 0:
+            return False
+    
+    return True
+
+
+def decode_base64(s: str) -> Optional[str]:
+    try:
+        padded = s + '=' * (4 - len(s) % 4) if len(s) % 4 != 0 else s
+        decoded_bytes = base64.b64decode(padded)
+        
+        try:
+            decoded = decoded_bytes.decode('utf-8')
+            if all(c.isprintable() or c in '\n\r\t' for c in decoded):
+                return decoded
+        except UnicodeDecodeError:
+            try:
+                decoded = decoded_bytes.decode('latin-1')
+                if all(c.isprintable() or c in '\n\r\t' for c in decoded):
+                    return decoded
+            except:
+                pass
+    except Exception:
+        pass
+    
+    return None
+
+
+def categorize_decoded(decoded: str) -> Tuple[str, str]:
+    decoded_lower = decoded.lower()
+    
+    if any(p in decoded_lower for p in ['password', 'passwd', 'secret', 'api_key', 'apikey', 'token', 'auth']):
+        return 'credential', 'critical'
+    
+    if re.search(r'flag\{|ctf\{|picoCTF\{', decoded, re.IGNORECASE):
+        return 'flag', 'critical'
+    
+    if decoded.strip().startswith('{') and decoded.strip().endswith('}'):
+        return 'json', 'high'
+    
+    if 'http://' in decoded or 'https://' in decoded:
+        return 'url', 'medium'
+    
+    if re.search(r'[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}', decoded):
+        return 'email', 'medium'
+    
+    if re.search(r'^(/|[A-Za-z]:\\)', decoded) or '/' in decoded:
+        return 'path', 'low'
+    
+    return 'text', 'info'
+
+
+def is_interesting(decoded: str) -> bool:
+    if len(decoded) < 5:
+        return False
+    
+    if '\x00' in decoded:
+        return False
+    
+    decoded_lower = decoded.lower()
+    skip_patterns = [
+        'lorem ipsum',
+        'copyright',
+        'license',
+        'all rights reserved'
+    ]
+    if any(p in decoded_lower for p in skip_patterns):
+        return False
+    
+    alpha_ratio = sum(c.isalpha() for c in decoded) / len(decoded)
+    if alpha_ratio < 0.3:
+        return False
+    
+    return True
+
+
+def find_base64_strings(html: str) -> List[Tuple[str, str, str, str]]:
+    findings = []
+    
+    pattern = r'[A-Za-z0-9+/]{20,}={0,2}'
+    matches = re.findall(pattern, html)
+    
+    for match in matches:
+        if any(fp in match for fp in FALSE_POSITIVES):
+            continue
+        
+        context_start = html.find(match)
+        if context_start > 0:
+            context = html[max(0, context_start - 50):context_start]
+            if any(fp in context for fp in FALSE_POSITIVES):
+                continue
+        
+        if is_valid_base64(match):
+            decoded = decode_base64(match)
+            if decoded and is_interesting(decoded):
+                category, severity = categorize_decoded(decoded)
+                findings.append((match, decoded, category, severity))
+    
+    seen = set()
+    unique_findings = []
+    for f in findings:
+        if f[1] not in seen:
+            seen.add(f[1])
+            unique_findings.append(f)
+    
+    return unique_findings[:MAX_FINDINGS]
+
+
+def run(ctx):
+    urls_to_scan = list(ctx.urls) if hasattr(ctx, 'urls') and ctx.urls else [ctx.base_url]
+    
+    all_findings = []
+    
+    for url in urls_to_scan:
+        response, error = safe_get(url)
+        if error or not response:
+            continue
+        
+        page_findings = find_base64_strings(response.text)
+        
+        for original, decoded, category, severity in page_findings:
+            if not any(decoded == f[1] for f in all_findings):
+                all_findings.append((original, decoded, category, severity, url))
+    
+    if not all_findings:
+        return
+    
+    for original, decoded, category, severity, source_url in all_findings[:MAX_FINDINGS]:
+        page_name = source_url.split('/')[-1] or 'index'
+        display_encoded = original if len(original) <= 50 else original[:50] + "..."
+        finding = f"Base64 found in {page_name} ({category}): \"{display_encoded}\" → Decoded: \"{decoded}\""
+        ctx.findings.append(finding)
+    
+    if len(all_findings) > MAX_FINDINGS:
+        remaining = len(all_findings) - MAX_FINDINGS
+        ctx.findings.append(f"Base64: {remaining} additional encoded strings not shown")

dotspot-0.0.1/checks/comments.py

@@ -0,0 +1,107 @@
+import re
+from typing import List, Tuple
+from rich.console import Console
+
+from utils.http import safe_get
+
+console = Console()
+
+MAX_COMMENT_LENGTH = 200
+MAX_COMMENTS_TO_REPORT = 10
+
+
+def clean_comment(comment: str) -> str:
+    cleaned = re.sub(r'\s+', ' ', comment.strip())
+    if len(cleaned) > MAX_COMMENT_LENGTH:
+        cleaned = cleaned[:MAX_COMMENT_LENGTH] + "..."
+    return cleaned
+
+
+def find_comment_position(html: str, raw_comment: str) -> Tuple[int, int]:
+    marker = f"<!--{raw_comment}-->"
+    pos = html.find(marker)
+    
+    if pos == -1:
+        pos = html.find(f"<!--{raw_comment}")
+    
+    if pos >= 0:
+        before = html[:pos]
+        line_number = before.count('\n') + 1
+        last_newline = before.rfind('\n')
+        column = (pos + 1) if last_newline == -1 else (pos - last_newline)
+        return line_number, column
+    
+    return 0, 0
+
+
+def categorize_comment(comment: str) -> Tuple[str, str]:
+    comment_lower = comment.lower()
+    
+    if any(p in comment_lower for p in ['password', 'passwd', 'pwd', 'secret', 'api_key', 'apikey', 'token']):
+        return 'credential', 'high'
+    
+    if any(p in comment_lower for p in ['todo', 'fixme', 'hack', 'xxx', 'bug']):
+        return 'todo', 'medium'
+    
+    if any(p in comment_lower for p in ['debug', 'test', 'dev', 'staging']):
+        return 'debug', 'medium'
+    
+    if any(p in comment_lower for p in ['version', 'v1', 'v2', 'build']):
+        return 'version', 'low'
+    
+    if any(p in comment_lower for p in ['author', 'created', 'modified', 'copyright']):
+        return 'metadata', 'info'
+    
+    if re.search(r'\b(?:localhost|127\.0\.0\.1|192\.168\.|10\.)', comment_lower):
+        return 'internal_url', 'medium'
+    
+    if re.search(r'function|var |let |const |class |def |import ', comment):
+        return 'code', 'low'
+    
+    return 'general', 'info'
+
+
+def run(ctx):
+    urls_to_scan = list(ctx.urls) if hasattr(ctx, 'urls') and ctx.urls else [ctx.base_url]
+    
+    if not hasattr(ctx, 'comment_results'):
+        ctx.comment_results = []
+    
+    all_comments = []
+    
+    for url in urls_to_scan:
+        response, error = safe_get(url)
+        if error or not response:
+            continue
+        
+        page_name = url.split('/')[-1] or 'index.html'
+        html_content = response.text
+    
+        comments = re.findall(r"<!--(.*?)-->", html_content, re.DOTALL)
+        
+        for comment in comments:
+            cleaned = clean_comment(comment)
+            if len(cleaned) > 5 and not cleaned.startswith('[if '):
+                if not any(cleaned == c[0] for c in all_comments):
+                    line, col = find_comment_position(html_content, comment)
+                    all_comments.append((cleaned, page_name, line, col))
+    
+    if not all_comments:
+        return
+    
+    for comment, page, line, col in all_comments[:MAX_COMMENTS_TO_REPORT]:
+        category, severity = categorize_comment(comment)
+        
+        location = f"{line},{col}" if line > 0 else "0,0"
+        finding = f"HTML comment in {page} ({location}): \"{comment}\""
+        ctx.findings.append(finding)
+        
+        ctx.comment_results.append({
+            "comment": comment,
+            "file": page,
+            "line": line if line > 0 else "—",
+        })
+    
+    if len(all_comments) > MAX_COMMENTS_TO_REPORT:
+        remaining = len(all_comments) - MAX_COMMENTS_TO_REPORT
+        ctx.findings.append(f"HTML comments: {remaining} additional comments not shown")

dotspot-0.0.1/checks/cookies.py

@@ -0,0 +1,47 @@
+import requests
+from rich.console import Console
+from rich.table import Table
+
+console = Console()
+
+TABLE_WIDTH = 100
+
+
+def run(ctx):
+    if not hasattr(ctx, 'cookie_results'):
+        ctx.cookie_results = []
+
+    try:
+        r = requests.get(ctx.base_url, timeout=5, verify=False)
+    except Exception:
+        return
+
+    if not r.cookies:
+        return
+
+    for c in r.cookies:
+        httponly = "Yes" if c.has_nonstandard_attr("HttpOnly") else "No"
+        secure = "Yes" if c.secure else "No"
+        domain = c.domain or "—"
+        path = c.path or "/"
+        expires = c.expires or "—"
+
+        ctx.cookie_results.append({
+            "name": c.name,
+            "value": c.value or "",
+            "domain": domain,
+            "path": path,
+            "httponly": httponly,
+            "secure": secure,
+            "expires": expires,
+        })
+
+        issues = []
+        if httponly == "No":
+            issues.append("missing HttpOnly")
+        if secure == "No":
+            issues.append("missing Secure")
+        if expires == "—":
+            issues.append("no expiration date")
+        if issues:
+            ctx.findings.append(f"Cookie issue ({c.name}): {', '.join(issues)}")