kagesec 0.2.0__tar.gz

Files changed (212) hide show
  1. kagesec-0.2.0/LICENSE +21 -0
  2. kagesec-0.2.0/PKG-INFO +712 -0
  3. kagesec-0.2.0/README.md +657 -0
  4. kagesec-0.2.0/cli/main.py +1666 -0
  5. kagesec-0.2.0/kagesec.egg-info/PKG-INFO +712 -0
  6. kagesec-0.2.0/kagesec.egg-info/SOURCES.txt +210 -0
  7. kagesec-0.2.0/kagesec.egg-info/dependency_links.txt +1 -0
  8. kagesec-0.2.0/kagesec.egg-info/entry_points.txt +2 -0
  9. kagesec-0.2.0/kagesec.egg-info/requires.txt +37 -0
  10. kagesec-0.2.0/kagesec.egg-info/top_level.txt +2 -0
  11. kagesec-0.2.0/pyproject.toml +80 -0
  12. kagesec-0.2.0/scanner/__init__.py +1 -0
  13. kagesec-0.2.0/scanner/ai/__init__.py +0 -0
  14. kagesec-0.2.0/scanner/ai/cve_researcher.py +204 -0
  15. kagesec-0.2.0/scanner/ai/reporter.py +52 -0
  16. kagesec-0.2.0/scanner/ai/template_selector.py +225 -0
  17. kagesec-0.2.0/scanner/ai/verifier.py +110 -0
  18. kagesec-0.2.0/scanner/api/__init__.py +0 -0
  19. kagesec-0.2.0/scanner/api/server.py +223 -0
  20. kagesec-0.2.0/scanner/compliance/__init__.py +0 -0
  21. kagesec-0.2.0/scanner/compliance/appi.py +176 -0
  22. kagesec-0.2.0/scanner/compliance/gdpr.py +170 -0
  23. kagesec-0.2.0/scanner/compliance/hipaa.py +142 -0
  24. kagesec-0.2.0/scanner/compliance/iso27001.py +181 -0
  25. kagesec-0.2.0/scanner/compliance/mapper.py +19 -0
  26. kagesec-0.2.0/scanner/core/__init__.py +0 -0
  27. kagesec-0.2.0/scanner/core/api_scanner.py +238 -0
  28. kagesec-0.2.0/scanner/core/browser_crawler.py +344 -0
  29. kagesec-0.2.0/scanner/core/code_runner.py +178 -0
  30. kagesec-0.2.0/scanner/core/config.py +64 -0
  31. kagesec-0.2.0/scanner/core/crawl_state.py +83 -0
  32. kagesec-0.2.0/scanner/core/crawler.py +224 -0
  33. kagesec-0.2.0/scanner/core/engine.py +645 -0
  34. kagesec-0.2.0/scanner/core/findings_db.py +200 -0
  35. kagesec-0.2.0/scanner/core/fingerprinter.py +173 -0
  36. kagesec-0.2.0/scanner/core/flow_evaluator.py +515 -0
  37. kagesec-0.2.0/scanner/core/grpc_scanner.py +361 -0
  38. kagesec-0.2.0/scanner/core/har_importer.py +159 -0
  39. kagesec-0.2.0/scanner/core/headless_runner.py +269 -0
  40. kagesec-0.2.0/scanner/core/interactsh.py +200 -0
  41. kagesec-0.2.0/scanner/core/js_extractor.py +150 -0
  42. kagesec-0.2.0/scanner/core/notifier.py +185 -0
  43. kagesec-0.2.0/scanner/core/payload_loader.py +86 -0
  44. kagesec-0.2.0/scanner/core/policy.py +108 -0
  45. kagesec-0.2.0/scanner/core/profiles.py +157 -0
  46. kagesec-0.2.0/scanner/core/rate_limiter.py +63 -0
  47. kagesec-0.2.0/scanner/core/scan_policy.py +71 -0
  48. kagesec-0.2.0/scanner/core/scan_result.py +153 -0
  49. kagesec-0.2.0/scanner/core/soap_scanner.py +289 -0
  50. kagesec-0.2.0/scanner/core/suppressions.py +125 -0
  51. kagesec-0.2.0/scanner/core/template_runner.py +656 -0
  52. kagesec-0.2.0/scanner/core/updater.py +165 -0
  53. kagesec-0.2.0/scanner/core/workflow.py +268 -0
  54. kagesec-0.2.0/scanner/mcp_server.py +140 -0
  55. kagesec-0.2.0/scanner/modules/__init__.py +0 -0
  56. kagesec-0.2.0/scanner/modules/ai_cve.py +81 -0
  57. kagesec-0.2.0/scanner/modules/api_key_leak.py +307 -0
  58. kagesec-0.2.0/scanner/modules/auth_bypass.py +127 -0
  59. kagesec-0.2.0/scanner/modules/blind_xss.py +132 -0
  60. kagesec-0.2.0/scanner/modules/breach.py +110 -0
  61. kagesec-0.2.0/scanner/modules/business_logic.py +173 -0
  62. kagesec-0.2.0/scanner/modules/cache_poisoning.py +125 -0
  63. kagesec-0.2.0/scanner/modules/captcha_check.py +93 -0
  64. kagesec-0.2.0/scanner/modules/clickjacking.py +126 -0
  65. kagesec-0.2.0/scanner/modules/cmd_injection.py +131 -0
  66. kagesec-0.2.0/scanner/modules/cookie_security.py +74 -0
  67. kagesec-0.2.0/scanner/modules/cors.py +101 -0
  68. kagesec-0.2.0/scanner/modules/coverage_check.py +157 -0
  69. kagesec-0.2.0/scanner/modules/crlf.py +70 -0
  70. kagesec-0.2.0/scanner/modules/crossdomain.py +116 -0
  71. kagesec-0.2.0/scanner/modules/csrf.py +67 -0
  72. kagesec-0.2.0/scanner/modules/csti.py +165 -0
  73. kagesec-0.2.0/scanner/modules/cve_check.py +132 -0
  74. kagesec-0.2.0/scanner/modules/debug_mode.py +206 -0
  75. kagesec-0.2.0/scanner/modules/deserialization.py +261 -0
  76. kagesec-0.2.0/scanner/modules/dnssec.py +150 -0
  77. kagesec-0.2.0/scanner/modules/exposed_files.py +180 -0
  78. kagesec-0.2.0/scanner/modules/file_upload.py +154 -0
  79. kagesec-0.2.0/scanner/modules/form_fuzz.py +164 -0
  80. kagesec-0.2.0/scanner/modules/graphql.py +268 -0
  81. kagesec-0.2.0/scanner/modules/host_header.py +174 -0
  82. kagesec-0.2.0/scanner/modules/http_methods.py +142 -0
  83. kagesec-0.2.0/scanner/modules/http_param_pollution.py +72 -0
  84. kagesec-0.2.0/scanner/modules/idor.py +93 -0
  85. kagesec-0.2.0/scanner/modules/jwt_attacks.py +308 -0
  86. kagesec-0.2.0/scanner/modules/log4j_deep.py +123 -0
  87. kagesec-0.2.0/scanner/modules/multistep_injection.py +194 -0
  88. kagesec-0.2.0/scanner/modules/oauth.py +258 -0
  89. kagesec-0.2.0/scanner/modules/open_redirect.py +59 -0
  90. kagesec-0.2.0/scanner/modules/padding_oracle.py +157 -0
  91. kagesec-0.2.0/scanner/modules/param_discovery.py +170 -0
  92. kagesec-0.2.0/scanner/modules/path_discovery.py +198 -0
  93. kagesec-0.2.0/scanner/modules/path_traversal.py +87 -0
  94. kagesec-0.2.0/scanner/modules/prototype_pollution.py +133 -0
  95. kagesec-0.2.0/scanner/modules/race_condition.py +168 -0
  96. kagesec-0.2.0/scanner/modules/rate_limit.py +83 -0
  97. kagesec-0.2.0/scanner/modules/request_smuggling.py +118 -0
  98. kagesec-0.2.0/scanner/modules/robots_probe.py +140 -0
  99. kagesec-0.2.0/scanner/modules/security_headers.py +110 -0
  100. kagesec-0.2.0/scanner/modules/session_entropy.py +160 -0
  101. kagesec-0.2.0/scanner/modules/session_fixation.py +227 -0
  102. kagesec-0.2.0/scanner/modules/shellshock.py +114 -0
  103. kagesec-0.2.0/scanner/modules/sqli.py +637 -0
  104. kagesec-0.2.0/scanner/modules/ssi.py +86 -0
  105. kagesec-0.2.0/scanner/modules/ssrf.py +204 -0
  106. kagesec-0.2.0/scanner/modules/ssti.py +103 -0
  107. kagesec-0.2.0/scanner/modules/subdomain_takeover.py +152 -0
  108. kagesec-0.2.0/scanner/modules/subresource_integrity.py +49 -0
  109. kagesec-0.2.0/scanner/modules/templates.py +121 -0
  110. kagesec-0.2.0/scanner/modules/tls.py +148 -0
  111. kagesec-0.2.0/scanner/modules/username_enumeration.py +209 -0
  112. kagesec-0.2.0/scanner/modules/version_disclosure.py +98 -0
  113. kagesec-0.2.0/scanner/modules/vhost_enum.py +190 -0
  114. kagesec-0.2.0/scanner/modules/waf_bypass.py +185 -0
  115. kagesec-0.2.0/scanner/modules/waf_detect.py +102 -0
  116. kagesec-0.2.0/scanner/modules/websocket.py +249 -0
  117. kagesec-0.2.0/scanner/modules/xpath.py +98 -0
  118. kagesec-0.2.0/scanner/modules/xss.py +486 -0
  119. kagesec-0.2.0/scanner/modules/xxe.py +151 -0
  120. kagesec-0.2.0/scanner/payloads/blind_xss.yaml +45 -0
  121. kagesec-0.2.0/scanner/payloads/cmd_injection.yaml +33 -0
  122. kagesec-0.2.0/scanner/payloads/cve_signatures.yaml +221 -0
  123. kagesec-0.2.0/scanner/payloads/form_fuzz.yaml +14 -0
  124. kagesec-0.2.0/scanner/payloads/jwt_secrets.yaml +104 -0
  125. kagesec-0.2.0/scanner/payloads/params.yaml +113 -0
  126. kagesec-0.2.0/scanner/payloads/path_traversal.yaml +57 -0
  127. kagesec-0.2.0/scanner/payloads/paths.yaml +154 -0
  128. kagesec-0.2.0/scanner/payloads/sqli.yaml +134 -0
  129. kagesec-0.2.0/scanner/payloads/ssrf.yaml +196 -0
  130. kagesec-0.2.0/scanner/payloads/ssti.yaml +41 -0
  131. kagesec-0.2.0/scanner/payloads/subdomains.yaml +128 -0
  132. kagesec-0.2.0/scanner/payloads/waf_bypass.yaml +26 -0
  133. kagesec-0.2.0/scanner/payloads/xss.yaml +203 -0
  134. kagesec-0.2.0/scanner/payloads/xxe.yaml +26 -0
  135. kagesec-0.2.0/scanner/reporters/__init__.py +0 -0
  136. kagesec-0.2.0/scanner/reporters/burp_reporter.py +94 -0
  137. kagesec-0.2.0/scanner/reporters/certificate_reporter.py +192 -0
  138. kagesec-0.2.0/scanner/reporters/github_reporter.py +134 -0
  139. kagesec-0.2.0/scanner/reporters/jira_reporter.py +128 -0
  140. kagesec-0.2.0/scanner/reporters/pdf_reporter.py +816 -0
  141. kagesec-0.2.0/scanner/reporters/sarif_reporter.py +147 -0
  142. kagesec-0.2.0/scanner/reporters/zap_reporter.py +134 -0
  143. kagesec-0.2.0/scanner/templates/cves/CVE-2019-11510.yaml +30 -0
  144. kagesec-0.2.0/scanner/templates/cves/CVE-2019-19781.yaml +32 -0
  145. kagesec-0.2.0/scanner/templates/cves/CVE-2019-8451.yaml +28 -0
  146. kagesec-0.2.0/scanner/templates/cves/CVE-2020-11978.yaml +31 -0
  147. kagesec-0.2.0/scanner/templates/cves/CVE-2020-14882.yaml +30 -0
  148. kagesec-0.2.0/scanner/templates/cves/CVE-2020-17519.yaml +28 -0
  149. kagesec-0.2.0/scanner/templates/cves/CVE-2020-1938.yaml +35 -0
  150. kagesec-0.2.0/scanner/templates/cves/CVE-2021-21972.yaml +32 -0
  151. kagesec-0.2.0/scanner/templates/cves/CVE-2021-21985.yaml +31 -0
  152. kagesec-0.2.0/scanner/templates/cves/CVE-2021-22205.yaml +28 -0
  153. kagesec-0.2.0/scanner/templates/cves/CVE-2021-22986.yaml +33 -0
  154. kagesec-0.2.0/scanner/templates/cves/CVE-2021-25646.yaml +31 -0
  155. kagesec-0.2.0/scanner/templates/cves/CVE-2021-26084.yaml +32 -0
  156. kagesec-0.2.0/scanner/templates/cves/CVE-2021-26855.yaml +30 -0
  157. kagesec-0.2.0/scanner/templates/cves/CVE-2021-3129.yaml +30 -0
  158. kagesec-0.2.0/scanner/templates/cves/CVE-2021-34473.yaml +31 -0
  159. kagesec-0.2.0/scanner/templates/cves/CVE-2021-40438.yaml +30 -0
  160. kagesec-0.2.0/scanner/templates/cves/CVE-2021-41773.yaml +29 -0
  161. kagesec-0.2.0/scanner/templates/cves/CVE-2021-43798.yaml +29 -0
  162. kagesec-0.2.0/scanner/templates/cves/CVE-2021-44228.yaml +36 -0
  163. kagesec-0.2.0/scanner/templates/cves/CVE-2021-44515.yaml +32 -0
  164. kagesec-0.2.0/scanner/templates/cves/CVE-2021-45046.yaml +35 -0
  165. kagesec-0.2.0/scanner/templates/cves/CVE-2022-0543.yaml +32 -0
  166. kagesec-0.2.0/scanner/templates/cves/CVE-2022-1388.yaml +37 -0
  167. kagesec-0.2.0/scanner/templates/cves/CVE-2022-2185.yaml +30 -0
  168. kagesec-0.2.0/scanner/templates/cves/CVE-2022-22954.yaml +29 -0
  169. kagesec-0.2.0/scanner/templates/cves/CVE-2022-22965.yaml +31 -0
  170. kagesec-0.2.0/scanner/templates/cves/CVE-2022-26134.yaml +28 -0
  171. kagesec-0.2.0/scanner/templates/cves/CVE-2022-26138.yaml +37 -0
  172. kagesec-0.2.0/scanner/templates/cves/CVE-2022-26318.yaml +30 -0
  173. kagesec-0.2.0/scanner/templates/cves/CVE-2022-30190.yaml +34 -0
  174. kagesec-0.2.0/scanner/templates/cves/CVE-2022-41082.yaml +33 -0
  175. kagesec-0.2.0/scanner/templates/cves/CVE-2022-42889.yaml +27 -0
  176. kagesec-0.2.0/scanner/templates/cves/CVE-2022-46169.yaml +32 -0
  177. kagesec-0.2.0/scanner/templates/cves/CVE-2023-20887.yaml +31 -0
  178. kagesec-0.2.0/scanner/templates/cves/CVE-2023-22515.yaml +35 -0
  179. kagesec-0.2.0/scanner/templates/cves/CVE-2023-23397.yaml +36 -0
  180. kagesec-0.2.0/scanner/templates/cves/CVE-2023-27898.yaml +31 -0
  181. kagesec-0.2.0/scanner/templates/cves/CVE-2023-28432.yaml +35 -0
  182. kagesec-0.2.0/scanner/templates/cves/CVE-2023-29357.yaml +31 -0
  183. kagesec-0.2.0/scanner/templates/cves/CVE-2023-33246.yaml +32 -0
  184. kagesec-0.2.0/scanner/templates/cves/CVE-2023-34362.yaml +33 -0
  185. kagesec-0.2.0/scanner/templates/cves/CVE-2023-42793.yaml +33 -0
  186. kagesec-0.2.0/scanner/templates/cves/CVE-2023-46604.yaml +32 -0
  187. kagesec-0.2.0/scanner/templates/cves/CVE-2023-4966.yaml +33 -0
  188. kagesec-0.2.0/scanner/templates/cves/CVE-2023-50164.yaml +34 -0
  189. kagesec-0.2.0/scanner/templates/cves/CVE-2024-1709.yaml +31 -0
  190. kagesec-0.2.0/scanner/templates/cves/CVE-2024-21887.yaml +33 -0
  191. kagesec-0.2.0/scanner/templates/cves/CVE-2024-23897.yaml +34 -0
  192. kagesec-0.2.0/scanner/templates/cves/CVE-2024-27198.yaml +31 -0
  193. kagesec-0.2.0/scanner/templates/exposed-panels/grafana.yaml +28 -0
  194. kagesec-0.2.0/scanner/templates/exposed-panels/jenkins.yaml +36 -0
  195. kagesec-0.2.0/scanner/templates/exposed-panels/kibana.yaml +28 -0
  196. kagesec-0.2.0/scanner/templates/exposed-panels/laravel-telescope.yaml +29 -0
  197. kagesec-0.2.0/scanner/templates/exposed-panels/phpmyadmin.yaml +31 -0
  198. kagesec-0.2.0/scanner/templates/exposed-panels/prometheus.yaml +29 -0
  199. kagesec-0.2.0/scanner/templates/exposed-panels/spring-boot-actuator.yaml +34 -0
  200. kagesec-0.2.0/scanner/templates/misconfigs/apache-server-status.yaml +34 -0
  201. kagesec-0.2.0/scanner/templates/misconfigs/backup-files.yaml +37 -0
  202. kagesec-0.2.0/scanner/templates/misconfigs/env-exposed.yaml +29 -0
  203. kagesec-0.2.0/scanner/templates/misconfigs/git-exposed.yaml +29 -0
  204. kagesec-0.2.0/scanner/templates/misconfigs/graphql-introspection.yaml +32 -0
  205. kagesec-0.2.0/scanner/templates/misconfigs/phpinfo.yaml +31 -0
  206. kagesec-0.2.0/scanner/templates/misconfigs/swagger-exposed.yaml +34 -0
  207. kagesec-0.2.0/scanner/utils/__init__.py +0 -0
  208. kagesec-0.2.0/scanner/utils/http.py +55 -0
  209. kagesec-0.2.0/scanner/utils/payloads.py +32 -0
  210. kagesec-0.2.0/scanner/workflows/quick-web.yaml +38 -0
  211. kagesec-0.2.0/scanner/workflows/wordpress.yaml +45 -0
  212. kagesec-0.2.0/setup.cfg +4 -0
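--- a/kagesec-0.2.0/LICENSE
+++ b/kagesec-0.2.0/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Zulhilmi Rahmat
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.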