scythe-ttp 0.16.0__py3-none-any.whl → 0.17.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of scythe-ttp might be problematic. Click here for more details.
- scythe/cli/main.py +135 -5
- {scythe_ttp-0.16.0.dist-info → scythe_ttp-0.17.0.dist-info}/METADATA +2 -1
- {scythe_ttp-0.16.0.dist-info → scythe_ttp-0.17.0.dist-info}/RECORD +7 -7
- {scythe_ttp-0.16.0.dist-info → scythe_ttp-0.17.0.dist-info}/WHEEL +0 -0
- {scythe_ttp-0.16.0.dist-info → scythe_ttp-0.17.0.dist-info}/entry_points.txt +0 -0
- {scythe_ttp-0.16.0.dist-info → scythe_ttp-0.17.0.dist-info}/licenses/LICENSE +0 -0
- {scythe_ttp-0.16.0.dist-info → scythe_ttp-0.17.0.dist-info}/top_level.txt +0 -0
scythe/cli/main.py
CHANGED
|
@@ -83,6 +83,138 @@ def main():
|
|
|
83
83
|
dest='gate_versions',
|
|
84
84
|
help='Gate versions to test against')
|
|
85
85
|
|
|
86
|
+
# Core Application Parameters
|
|
87
|
+
parser.add_argument(
|
|
88
|
+
'--protocol',
|
|
89
|
+
default='https',
|
|
90
|
+
choices=['http', 'https'],
|
|
91
|
+
help='Protocol to use (http/https, default: https)')
|
|
92
|
+
parser.add_argument(
|
|
93
|
+
'--port',
|
|
94
|
+
type=int,
|
|
95
|
+
help='Port number for the target application')
|
|
96
|
+
|
|
97
|
+
# Authentication Parameters
|
|
98
|
+
parser.add_argument(
|
|
99
|
+
'--username',
|
|
100
|
+
help='Username for authentication')
|
|
101
|
+
parser.add_argument(
|
|
102
|
+
'--password',
|
|
103
|
+
help='Password for authentication')
|
|
104
|
+
parser.add_argument(
|
|
105
|
+
'--token',
|
|
106
|
+
help='Bearer token or API key')
|
|
107
|
+
parser.add_argument(
|
|
108
|
+
'--auth-type',
|
|
109
|
+
choices=['basic', 'bearer', 'form'],
|
|
110
|
+
help='Authentication method (basic, bearer, form, etc.)')
|
|
111
|
+
parser.add_argument(
|
|
112
|
+
'--credentials-file',
|
|
113
|
+
help='Path to file containing multiple user credentials')
|
|
114
|
+
|
|
115
|
+
# Test Data Parameters
|
|
116
|
+
parser.add_argument(
|
|
117
|
+
'--users-file',
|
|
118
|
+
help='Path to CSV file containing user data')
|
|
119
|
+
parser.add_argument(
|
|
120
|
+
'--emails-file',
|
|
121
|
+
help='Path to text file containing email addresses')
|
|
122
|
+
parser.add_argument(
|
|
123
|
+
'--payload-file',
|
|
124
|
+
help='Path to file containing test payloads')
|
|
125
|
+
parser.add_argument(
|
|
126
|
+
'--data-file',
|
|
127
|
+
help='Generic path to test data file')
|
|
128
|
+
|
|
129
|
+
# Execution Control Parameters
|
|
130
|
+
parser.add_argument(
|
|
131
|
+
'--batch-size',
|
|
132
|
+
type=int,
|
|
133
|
+
default=10,
|
|
134
|
+
help='Number of operations per batch (default: 10)')
|
|
135
|
+
parser.add_argument(
|
|
136
|
+
'--max-batches',
|
|
137
|
+
type=int,
|
|
138
|
+
help='Maximum number of batches to run')
|
|
139
|
+
parser.add_argument(
|
|
140
|
+
'--workers',
|
|
141
|
+
type=int,
|
|
142
|
+
help='Number of concurrent workers/threads')
|
|
143
|
+
parser.add_argument(
|
|
144
|
+
'--replications',
|
|
145
|
+
type=int,
|
|
146
|
+
help='Number of test replications for load testing')
|
|
147
|
+
parser.add_argument(
|
|
148
|
+
'--timeout',
|
|
149
|
+
type=int,
|
|
150
|
+
help='Request timeout in seconds')
|
|
151
|
+
parser.add_argument(
|
|
152
|
+
'--delay',
|
|
153
|
+
type=float,
|
|
154
|
+
help='Delay between requests in seconds')
|
|
155
|
+
|
|
156
|
+
# Browser/Execution Parameters
|
|
157
|
+
parser.add_argument(
|
|
158
|
+
'--headless',
|
|
159
|
+
action='store_true',
|
|
160
|
+
help='Run browser in headless mode (flag)')
|
|
161
|
+
parser.add_argument(
|
|
162
|
+
'--browser',
|
|
163
|
+
choices=['chrome', 'firefox', 'safari', 'edge'],
|
|
164
|
+
help='Browser type (chrome, firefox, etc.)')
|
|
165
|
+
parser.add_argument(
|
|
166
|
+
'--user-agent',
|
|
167
|
+
help='Custom user agent string')
|
|
168
|
+
parser.add_argument(
|
|
169
|
+
'--proxy',
|
|
170
|
+
help='Proxy server URL')
|
|
171
|
+
parser.add_argument(
|
|
172
|
+
'--proxy-file',
|
|
173
|
+
help='Path to file containing proxy list')
|
|
174
|
+
|
|
175
|
+
# Output and Reporting Parameters
|
|
176
|
+
parser.add_argument(
|
|
177
|
+
'--output-dir',
|
|
178
|
+
help='Directory for output files')
|
|
179
|
+
parser.add_argument(
|
|
180
|
+
'--report-format',
|
|
181
|
+
choices=['json', 'csv', 'html'],
|
|
182
|
+
help='Report format (json, csv, html)')
|
|
183
|
+
parser.add_argument(
|
|
184
|
+
'--log-level',
|
|
185
|
+
choices=['debug', 'info', 'warning', 'error'],
|
|
186
|
+
help='Logging level (debug, info, warning, error)')
|
|
187
|
+
parser.add_argument(
|
|
188
|
+
'--verbose',
|
|
189
|
+
action='store_true',
|
|
190
|
+
help='Enable verbose output (flag)')
|
|
191
|
+
parser.add_argument(
|
|
192
|
+
'--silent',
|
|
193
|
+
action='store_true',
|
|
194
|
+
help='Suppress output except errors (flag)')
|
|
195
|
+
|
|
196
|
+
# Test Control Parameters
|
|
197
|
+
parser.add_argument(
|
|
198
|
+
'--fail-fast',
|
|
199
|
+
action='store_true',
|
|
200
|
+
help='Stop immediately on first failure (flag)')
|
|
201
|
+
parser.add_argument(
|
|
202
|
+
'--dry-run',
|
|
203
|
+
action='store_true',
|
|
204
|
+
help='Validate configuration without executing tests (flag)')
|
|
205
|
+
parser.add_argument(
|
|
206
|
+
'--test-type',
|
|
207
|
+
choices=['load', 'security', 'functional'],
|
|
208
|
+
help='Type of test to run (load, security, functional)')
|
|
209
|
+
parser.add_argument(
|
|
210
|
+
'--iterations',
|
|
211
|
+
type=int,
|
|
212
|
+
help='Number of test iterations')
|
|
213
|
+
parser.add_argument(
|
|
214
|
+
'--duration',
|
|
215
|
+
type=int,
|
|
216
|
+
help='Test duration in seconds')
|
|
217
|
+
|
|
86
218
|
args = parser.parse_args()
|
|
87
219
|
|
|
88
220
|
if check_url_available(args.url):
|
|
@@ -226,10 +358,8 @@ def _create_test(project_root: str, name: str) -> str:
|
|
|
226
358
|
|
|
227
359
|
return filepath
|
|
228
360
|
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
_DETECTED_LIST_RE = re.compile(r"Detected target versions: \[?([^\]]*)\]?")
|
|
232
|
-
|
|
361
|
+
_VERSION_RE = re.compile(r"['\"]?X-Scythe-Target-Version['\"]?\s*:\s*['\"]?([\w.-]+)['\"]?")
|
|
362
|
+
_DETECTED_LIST_RE = re.compile(r"Target versions detected:\s*\[?([^]]*)\]?")
|
|
233
363
|
|
|
234
364
|
def _parse_version_from_output(output: str) -> Optional[str]:
|
|
235
365
|
m = _VERSION_RE.search(output)
|
|
@@ -240,7 +370,7 @@ def _parse_version_from_output(output: str) -> Optional[str]:
|
|
|
240
370
|
if m:
|
|
241
371
|
inner = m.group(1)
|
|
242
372
|
# extract first version-like token
|
|
243
|
-
mv = re.search(r"
|
|
373
|
+
mv = re.search(r"\d+(?:\.[\w\-]+)+", inner)
|
|
244
374
|
if mv:
|
|
245
375
|
return mv.group(0)
|
|
246
376
|
return None
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: scythe-ttp
|
|
3
|
-
Version: 0.
|
|
3
|
+
Version: 0.17.0
|
|
4
4
|
Summary: An extensible framework for emulating attacker TTPs with Selenium.
|
|
5
5
|
Author-email: EpykLab <cyber@epyklab.com>
|
|
6
6
|
Classifier: Programming Language :: Python :: 3
|
|
@@ -35,6 +35,7 @@ Requires-Dist: urllib3==2.4.0
|
|
|
35
35
|
Requires-Dist: websocket-client==1.8.0
|
|
36
36
|
Requires-Dist: wsproto==1.2.0
|
|
37
37
|
Requires-Dist: typer
|
|
38
|
+
Requires-Dist: shellingham
|
|
38
39
|
Dynamic: license-file
|
|
39
40
|
|
|
40
41
|
<h1 align="center">Scythe</h1>
|
|
@@ -11,7 +11,7 @@ scythe/behaviors/human.py,sha256=1PqYvE7cnxlj-KDmDIr3uzfWHvDAbbxQxJ0V0iTl9yo,102
|
|
|
11
11
|
scythe/behaviors/machine.py,sha256=NDMUq3mDhpCvujzAFxhn2eSVq78-J-LSBhIcvHkzKXo,4624
|
|
12
12
|
scythe/behaviors/stealth.py,sha256=xv7MrPQgRCdCUJyYTcXV2aasWZoAw8rAQWg-AuQVb7U,15278
|
|
13
13
|
scythe/cli/__init__.py,sha256=9EVxmFiWsAoqWJ6br1bc3BxlA71JyOQP28fUHhX2k7E,43
|
|
14
|
-
scythe/cli/main.py,sha256=
|
|
14
|
+
scythe/cli/main.py,sha256=jQ_M0otx4XpOQl-qoNm6PMtHUapKvBo5rEW3FvvgDuk,25441
|
|
15
15
|
scythe/core/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
16
16
|
scythe/core/executor.py,sha256=x1w2nByVu2G70sh7t0kOh6urlrTm_r_pbk0S7v1Ov28,9736
|
|
17
17
|
scythe/core/headers.py,sha256=AokCQ3F5QGUcfoK7iO57hA1HHL4IznZeWV464_MqYcE,16670
|
|
@@ -32,9 +32,9 @@ scythe/ttps/web/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
|
32
32
|
scythe/ttps/web/login_bruteforce.py,sha256=D4G8zB_nU9LD5w3Vv2ABTuOl4XTeg2BgZwYMObt4JJw,2488
|
|
33
33
|
scythe/ttps/web/sql_injection.py,sha256=aWk4DFePbtFDsieOOj03Ux-5OiykyOs2_d_3SvWMOVE,2910
|
|
34
34
|
scythe/ttps/web/uuid_guessing.py,sha256=JwNt_9HVynMWFPPU6UGJFcpxvMVDsvc_wAnJVtcYbps,1235
|
|
35
|
-
scythe_ttp-0.
|
|
36
|
-
scythe_ttp-0.
|
|
37
|
-
scythe_ttp-0.
|
|
38
|
-
scythe_ttp-0.
|
|
39
|
-
scythe_ttp-0.
|
|
40
|
-
scythe_ttp-0.
|
|
35
|
+
scythe_ttp-0.17.0.dist-info/licenses/LICENSE,sha256=B7iB4Fv6zDQolC7IgqNF8F4GEp_DLe2jrPPuR_MYMOM,1064
|
|
36
|
+
scythe_ttp-0.17.0.dist-info/METADATA,sha256=26sY7kniDQ9qfcHFGrA_9T0XVHQaWlenkJRAPKbU4fY,30188
|
|
37
|
+
scythe_ttp-0.17.0.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
|
|
38
|
+
scythe_ttp-0.17.0.dist-info/entry_points.txt,sha256=rAAsFBcCm0OX3I4uRyclfx4YJGoTuumZKY43HN7R5Ro,48
|
|
39
|
+
scythe_ttp-0.17.0.dist-info/top_level.txt,sha256=BCKTrPuVvmLyhOR07C1ggOh6sU7g2LoVvwDMn46O55Y,7
|
|
40
|
+
scythe_ttp-0.17.0.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|