├── links └── txt.txt ├── report ├── links_top-secret.onrender.com.txt ├── top-secret.onrender.com_report.txt ├── links_www.mobafire.com.txt ├── emsi.ma_report.txt ├── azerty.nl_report.txt ├── www.mobafire.com_report.txt ├── robots_emsi.ma.txt ├── links_emsi.ma.txt ├── links_github.com.txt └── links_azerty.nl.txt ├── hh.png ├── 2024-01-01 04_20_37-.png ├── requirements.txt ├── README.md ├── simple.py ├── crawler ├── crawl_emsi.ma.txt └── crawl_github.com.txt ├── LICENSE ├── AI.py ├── wordlists └── sql.txt ├── templates ├── result.html ├── index.html ├── WindowManager.js └── main.js ├── virus-total.py ├── wap.py ├── app.py ├── web-vulnerability-scanner.py └── xss.py /links/txt.txt: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /report/links_top-secret.onrender.com.txt: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /hh.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ELMERIKH/Web-AI-Scanner/HEAD/hh.png -------------------------------------------------------------------------------- /2024-01-01 04_20_37-.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ELMERIKH/Web-AI-Scanner/HEAD/2024-01-01 04_20_37-.png -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | setuptools 2 | python-wappalyzer 3 | virustotal_python 4 | colorama 5 | flask_cors 6 | flask 7 | lxml 8 | fuzzywuzzy 9 | prettytable -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | WEB app and cli tool VULNERABILITY SCANNER with AI for feedback and solutions 2 | 3 | work in progress , taking a break from this project ,may update later 4 | 5 | setup: 6 | ------------- 7 | 8 | pip install -r requerements.txt 9 | 10 | get your apki key : https://www.llama-api.com 11 | 12 | and update AI.py with you api key 13 | 14 | python app.py 15 | 16 | 17 | 18 | 19 | https://github.com/ELMERIKH/Web-AI-Scanner/assets/96123439/39a147e4-6514-4772-8f4f-773beab046b9 20 | 21 | 22 | https://github.com/ELMERIKH/Web-AI-Scanner/assets/96123439/e0dfea54-954b-4382-a072-37fdbcd0aff4 23 | 24 | 25 | https://github.com/ELMERIKH/Web-AI-Scanner/assets/96123439/103ac910-60b4-45e9-ad60-c3d7b7047db7 26 | -------------------------------------------------------------------------------- /simple.py: -------------------------------------------------------------------------------- 1 | import sys 2 | import requests 3 | import socket 4 | import json 5 | 6 | if len(sys.argv) < 2: 7 | print("Usage: " + sys.argv[0] + " ") 8 | sys.exit(1) 9 | url = sys.argv[1] 10 | if url.startswith("https://"): 11 | url = url.replace("https://", "", 1) 12 | if url.startswith("http://"): 13 | url = url.replace("http://", "", 1) 14 | 15 | ip = socket.gethostbyname(url) 16 | print("[+] location scan :\n The IP address of " + url + " is: " + ip + "\n") 17 | 18 | req2 = requests.get("https://ipinfo.io/" + ip + "/json") 19 | resp = json.loads(req2.text) 20 | 21 | print("Location: " + resp["loc"]) 22 | print("City: " + resp["city"]) 23 | print("Region: " + resp["region"]) 24 | print("Country: " + resp["country"]) -------------------------------------------------------------------------------- /report/top-secret.onrender.com_report.txt: -------------------------------------------------------------------------------- 1 | https://top-secret.onrender.com 2 | [+]Encoded URL: https://top-secret.onrender.com/ 3 | [+]Allowed methods: GET,HEAD 4 | [-]robots.txt is not available 5 | [+]HTTP headers: {'Date': 'Sun, 17 Dec 2023 14:06:21 GMT', 'Content-Type': 'text/html; charset=UTF-8', 'Content-Length': '657', 'Connection': 'keep-alive', 'CF-Ray': '836fb9e75bd52171-MAD', 'CF-Cache-Status': 'DYNAMIC', 'Accept-Ranges': 'bytes', 'Cache-Control': 'public, max-age=0', 'Content-Encoding': 'gzip', 'ETag': 'W/"465-18b67435d70"', 'Last-Modified': 'Wed, 25 Oct 2023 14:35:50 GMT', 'Vary': 'Accept-Encoding', 'rndr-id': '85493808-9463-480d', 'x-powered-by': 'Express', 'x-render-origin-server': 'Render', 'Server': 'cloudflare', 'alt-svc': 'h3=":443"; ma=86400'} 6 | [+]Cloudfare Detected ! 7 | -------------------------------------------------------------------------------- /crawler/crawl_emsi.ma.txt: -------------------------------------------------------------------------------- 1 | [+] Links:https://emsi.ma/index.php 2 | [+] Links:https://emsi.ma/wp-content 3 | [+] Links:https://emsi.ma/robots.txt 4 | [+] Links:https://emsi.ma/wp-admin 5 | [+] Links:https://emsi.ma/license.txt 6 | [+] Links:https://emsi.ma/wp-login.php 7 | [+] Links:https://emsi.ma/wp-load.php 8 | [+] Links:https://emsi.ma/wp-links-opml.php 9 | [+] Links:https://emsi.ma/wp-cron.php 10 | [+] Links:https://emsi.ma/wp-activate.php 11 | [+] Links:https://emsi.ma/wp-signup.php 12 | [+] Links:https://emsi.ma/wp-config.php 13 | [+] Links:https://emsi.ma/admin 14 | [+] Links:https://emsi.ma/sitemap.xml 15 | [+] Links:https://emsi.ma/blog 16 | [+] Links:https://emsi.ma/download 17 | [+] Links:https://emsi.ma/login.php 18 | [+] Links:https://emsi.ma/home 19 | [+] Links:https://emsi.ma/events 20 | -------------------------------------------------------------------------------- /report/links_www.mobafire.com.txt: -------------------------------------------------------------------------------- 1 | [+]Links:https://www.mobafire.com/images/social/home.jpg 2 | [+]Links:https://www.mobafire.com/ 3 | [+]Links:252Fwww.mobafire.com 4 | [+]Links:252Fwww.mobafire.com 5 | [+]Links:252Fwww.mobafire.com 6 | [+]Links:252Fwww.mobafire.com 7 | [+]Links:252Fwww.mobafire.com 8 | [+]Links:252Fwww.mobafire.com 9 | [+]Links:252Fwww.mobafire.com 10 | [+]Links:252Fwww.mobafire.com 11 | [+]Links:https://twitter.com/mobafire 12 | [+]Links:https://porofessor.gg/download/mobafire 13 | [+]Links:https://porofessor.gg/download/mobafire 14 | [+]Links:https://porofessor.gg/download/mobafire 15 | [+]Links:https://www.gravatar.com/avatar/cd74e4dd74430a16ae87eaa353bc28d8.jpg?s=128&d=http%3A%2F%2Fwww.mobafire.com%2Fimages%2Fnoavatar.png 16 | [+]Links:https://www.gravatar.com/avatar/cd74e4dd74430a16ae87eaa353bc28d8.jpg?s=128&d=http%3A%2F%2Fwww.mobafire.com%2Fimages%2Fnoavatar.png 17 | [+]Links:https://www.mobafire.com 18 | [+]Links:https://www.mobafire.com/teamfight-tactics 19 | [+]Links:https://twitter.com/mobafire 20 | [+]Links:https://www.mobafire.com/jobs 21 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2024 Moncef khafif 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /AI.py: -------------------------------------------------------------------------------- 1 | import json 2 | from llamaapi import LlamaAPI 3 | 4 | class consultantAI: 5 | def read_report(self,file_path): 6 | with open(file_path, 'r') as file: 7 | report_content = file.read() 8 | return report_content 9 | 10 | def generate_solution(self,prompt): 11 | 12 | 13 | # Initialize the SDK 14 | llama = LlamaAPI("") 15 | 16 | # Build the API request 17 | api_request_json = { 18 | "messages": [ 19 | {"role": "user", "content": "your a web security consultant give solutions and feedback give answer in a minimized adn organized way alwyas use icons "}, 20 | {"role": "user", "content": prompt}, # Add the prompt to the messages 21 | 22 | ], 23 | 24 | 25 | "stream": False, 26 | "function_call": "get_current_weather", 27 | } 28 | 29 | # Execute the Request 30 | try: 31 | response = llama.run(api_request_json) 32 | response_data = response.json() 33 | message_content = response_data['choices'][0]['message']['content'] 34 | return message_content 35 | except Exception as e: 36 | if "api key invalid" in str(e).lower(): 37 | print("API key invalid") 38 | else: 39 | print("An error occurred:", e) 40 | return None 41 | 42 | -------------------------------------------------------------------------------- /report/emsi.ma_report.txt: -------------------------------------------------------------------------------- 1 | <<<<<<< HEAD 2 | https://emsi.ma 3 | [+]Encoded URL: https://emsi.ma/ 4 | [+]Allowed methods: None 5 | [+]NO Certificate information: 6 | [+]HTTP headers: {'Connection': 'Keep-Alive', 'Keep-Alive': 'timeout=5, max=100', 'x-powered-by': 'PHP/8.1.18', 'cache-control': 'no-cache', 'wpo-cache-status': 'cached', 'last-modified': 'Sun, 17 Dec 2023 14:20:43 GMT', 'content-type': 'text/html; charset=UTF-8', 'transfer-encoding': 'chunked', 'content-encoding': 'gzip', 'vary': 'Accept-Encoding', 'date': 'Sun, 17 Dec 2023 14:29:13 GMT', 'server': 'LiteSpeed', 'alt-svc': 'h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"'} 7 | [+]E-mail: informations@emsi.ma 8 | [+]E-mail: informations@emsi.ma 9 | [+]Cloudfare Not Detected ! 10 | [+]CMS Not Detected ! 11 | [-]Website hasn't MasterCard! 12 | [-]Website hasn't a VISA card! 13 | [-]Website hasn't a AMEX card! 14 | [-]Website hasn't a DISCOVER card! 15 | [-]Sqli isn't available 16 | [-]no XSS vulnerability 17 | 18 | The IP address of emsi.ma is: 109.70.148.59 19 | 20 | Location: 51.5085,-0.1257 21 | City: London 22 | Region: England 23 | Country: GB 24 | ======= 25 | https://emsi.ma 26 | [+]Encoded URL: https://emsi.ma/ 27 | [+]Allowed methods: None 28 | [+]NO Certificate information: 29 | >>>>>>> d3672b5066d995ec7938b85a50cb6a4b6899ffde 30 | -------------------------------------------------------------------------------- /wordlists/sql.txt: -------------------------------------------------------------------------------- 1 | ' 2 | '' 3 | ` 4 | `` 5 | , 6 | " 7 | "" 8 | / 9 | // 10 | \ 11 | \\ 12 | ; 13 | ' or " 14 | -- or # 15 | ' OR '1 16 | ' OR 1 -- - 17 | " OR "" = " 18 | " OR 1 = 1 -- - 19 | ' OR '' = ' 20 | '=' 21 | 'LIKE' 22 | '=0--+ 23 | OR 1=1 24 | ' OR 'x'='x 25 | ' AND id IS NULL; -- 26 | '''''''''''''UNION SELECT '2 27 | %00 28 | /*…*/ 29 | + addition, concatenate (or space in url) 30 | || (double pipe) concatenate 31 | % wildcard attribute indicator 32 | 33 | @variable local variable 34 | @@variable global variable 35 | 36 | 37 | # Numeric 38 | AND 1 39 | AND 0 40 | AND true 41 | AND false 42 | 1-false 43 | 1-true 44 | 1*56 45 | -2 46 | 47 | 48 | 1' ORDER BY 1--+ 49 | 1' ORDER BY 2--+ 50 | 1' ORDER BY 3--+ 51 | 52 | 1' ORDER BY 1,2--+ 53 | 1' ORDER BY 1,2,3--+ 54 | 55 | 1' GROUP BY 1,2,--+ 56 | 1' GROUP BY 1,2,3--+ 57 | ' GROUP BY columnnames having 1=1 -- 58 | 59 | 60 | -1' UNION SELECT 1,2,3--+ 61 | ' UNION SELECT sum(columnname ) from tablename -- 62 | 63 | 64 | -1 UNION SELECT 1 INTO @,@ 65 | -1 UNION SELECT 1 INTO @,@,@ 66 | 67 | 1 AND (SELECT * FROM Users) = 1 68 | 69 | ' AND MID(VERSION(),1,1) = '5'; 70 | 71 | ' and 1 in (select min(name) from sysobjects where xtype = 'U' and name > '.') -- 72 | 73 | 74 | Finding the table name 75 | 76 | 77 | Time-Based: 78 | ,(select * from (select(sleep(10)))a) 79 | %2c(select%20*%20from%20(select(sleep(10)))a) 80 | ';WAITFOR DELAY '0:0:30'-- 81 | 82 | Comments: 83 | 84 | # Hash comment 85 | /* C-style comment 86 | -- - SQL comment 87 | ;%00 Nullbyte 88 | ` Backtick -------------------------------------------------------------------------------- /report/azerty.nl_report.txt: -------------------------------------------------------------------------------- 1 | https://azerty.nl 2 | [+]Encoded URL: https://azerty.nl/ 3 | [+]Allowed methods: None 4 | [+]HTTP headers: {'Connection': 'keep-alive', 'Content-Security-Policy': "frame-ancestors 'self' https://service.ariba.com https://service-2.ariba.com https://certservice.ariba.com https://certservice-2.ariba.com https://s1.ariba.com https://s2.ariba.com https://usertest.sciquest.com https://uitweb.sciquest.com https://neo.sciquest.com https://solutions.sciquest.com https://cloud.punchoutexpress.com https://dev.cloud.punchoutexpress.com https://cloud.pexlocal.com https://cloud.mpexlocal.com;", 'Content-Type': 'text/html; charset=UTF-8', 'Expires': 'Sun, 17 Dec 2023 23:36:15 GMT', 'Pragma': 'cache', 'Traceresponse': '00-17a17416c606b3ad7910cd74afdc2536-f363c3b17662a2d8-01', 'X-Built-With': 'Hyva Themes', 'X-Content-Type-Options': 'nosniff', 'X-Debug-Info': 'eyJyZXRyaWVzIjowfQ==', 'X-Esi': '1', 'X-Platform-Server': 'i-05b73a99dc09826a3, i-05b73a99dc09826a3', 'X-Xss-Protection': '1; mode=block', 'Date': 'Sun, 17 Dec 2023 13:54:07 GMT', 'Age': '51472', 'X-Served-By': 'cache-lhr7335-LHR, cache-mad22039-MAD', 'X-Cache': 'HIT, HIT', 'X-Cache-Hits': '36, 1', 'strict-transport-security': 'max-age=31536000', 'Cache-Control': 'no-store, no-cache, must-revalidate, max-age=0', 'Vary': 'Accept-Encoding,Cookie', 'content-encoding': 'gzip', 'accept-ranges': 'none', 'transfer-encoding': 'chunked'} 5 | [+]E-mail: klantenservice@azerty.nl 6 | [+]E-mail: klantenservice@azerty.nl 7 | [+]E-mail: klantenservice@azerty.nl 8 | [+]E-mail: klantenservice@azerty.nl 9 | [+]Cloudfare Not Detected ! 10 | -------------------------------------------------------------------------------- /templates/result.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | Web Vulnerability Scanner 7 | 25 | 26 | 27 |

28 |

Web Vulnerability Scanner Report

29 |

Report

30 |

31 | {% for line in tool_output_lines %} 32 | {% if '[+]' in line %} 33 |

34 | {% else %} 35 |

36 | {% endif %} 37 | {% endfor %} 38 |

39 |

Solutions

40 |

{{ solution }}

45 |

46 | 47 | -------------------------------------------------------------------------------- /report/www.mobafire.com_report.txt: -------------------------------------------------------------------------------- 1 | https://www.mobafire.com 2 | [+]Encoded URL: https://www.mobafire.com/ 3 | [+]Allowed methods: None 4 | [+]HTTP headers: {'Date': 'Sat, 09 Dec 2023 00:21:42 GMT', 'Content-Type': 'text/html; charset=UTF-8', 'Transfer-Encoding': 'chunked', 'Connection': 'keep-alive', 'Vary': 'Accept-Encoding', 'Set-Cookie': 'PHPSESSID=uj7g120ftpg1b36c3fc53p5vlr; expires=Sat, 09-Dec-2023 01:21:42 GMT; Max-Age=3600; path=/; domain=www.mobafire.com; secure; HttpOnly', 'Expires': 'Sat, 09 Dec 2023 00:21:41 GMT', 'Cache-Control': 'no-cache', 'Pragma': 'no-cache', 'X-Proxy-Cache': 'BYPASS', 'X-Proxy-Skip': '1', 'CF-Cache-Status': 'DYNAMIC', 'Server': 'cloudflare', 'CF-RAY': '832916eb7b4dc718-CMN', 'Content-Encoding': 'gzip'} 5 | [+]E-mail: partnerships@mobafire.com 6 | [-]Website hasn't MasterCard! 7 | [-]Website hasn't a VISA card! 8 | [-]Website hasn't a AMEX card! 9 | [-]Website hasn't a DISCOVER card! 10 | [-]Sqli isn't available 11 | [-]no XSS vulnerability 12 | 13 | {'Date': 'Sat, 09 Dec 2023 00:21:44 GMT', 'Content-Type': 'text/html; charset=UTF-8', 'Transfer-Encoding': 'chunked', 'Connection': 'keep-alive', 'Vary': 'Accept-Encoding', 'Set-Cookie': 'PHPSESSID=srl445n8bstm6ngu66tsjeab4p; expires=Sat, 09-Dec-2023 01:21:43 GMT; Max-Age=3600; path=/; domain=www.mobafire.com; secure; HttpOnly', 'Expires': 'Sat, 09 Dec 2023 00:21:42 GMT', 'Cache-Control': 'no-cache', 'Pragma': 'no-cache', 'X-Proxy-Cache': 'BYPASS', 'X-Proxy-Skip': '1', 'CF-Cache-Status': 'DYNAMIC', 'Server': 'cloudflare', 'CF-RAY': '832916f3db06c71c-CMN', 'Content-Encoding': 'gzip'} 14 | 15 | The IP address of www.mobafire.com is: 104.18.13.252 16 | 17 | Location: 37.7621,-122.3971 18 | City: San Francisco 19 | Region: California 20 | Country: US 21 | -------------------------------------------------------------------------------- /virus-total.py: -------------------------------------------------------------------------------- 1 | import sys 2 | import virustotal_python 3 | from base64 import urlsafe_b64encode 4 | import hashlib 5 | from colorama import Fore, Style 6 | 7 | def calculate_sha256(url): 8 | sha256_hash = hashlib.sha256(url.encode()).hexdigest() 9 | return sha256_hash 10 | 11 | def scan_url(v_url, output_file): 12 | vtotal_api_key = "6614755a9647849cf6148f1ecf6310a1dfb8bc22bc8d46d04e042b8d208d1264" 13 | 14 | # Calculate SHA-256 hash of the URL 15 | url_hash = calculate_sha256(v_url) 16 | 17 | with virustotal_python.Virustotal(vtotal_api_key) as vtotal: 18 | try: 19 | resp = vtotal.request("urls", data={"url": v_url}, method="POST") 20 | # Safe encode URL in base64 format 21 | # https://developers.virustotal.com/reference/url 22 | url_id = urlsafe_b64encode(v_url.encode()).decode().strip("=") 23 | report = vtotal.request(f"urls/{url_id}") 24 | v_result_url = report.data['attributes']['last_analysis_stats'] 25 | result_message = f"URL: {v_url}\nSHA-256 Hash: {url_hash}\nAnalysis Result:\n" 26 | if v_result_url['malicious'] > 0: 27 | result_message += "Malicious: This URL is malicious\n" 28 | elif v_result_url['suspicious'] > 0: 29 | result_message += "Suspicious: This URL is suspicious\n" 30 | else: 31 | result_message += "Safe: This URL is safe\n" 32 | with open(output_file, 'a') as file: 33 | file.write("[+] Virus-total scan:\n"+result_message) 34 | print(f"Analysis result written to {output_file}") 35 | except virustotal_python.VirustotalError as err: 36 | print(f"Failed to send URL for analysis and get the report: {err}") 37 | 38 | # Extract the URL and output file from command-line arguments 39 | if len(sys.argv) != 3: 40 | print("Usage: python virus-total.py ") 41 | sys.exit(1) 42 | 43 | url_to_scan = sys.argv[1] 44 | output_file = sys.argv[2] 45 | scan_url(url_to_scan, output_file) -------------------------------------------------------------------------------- /wap.py: -------------------------------------------------------------------------------- 1 | from Wappalyzer import Wappalyzer, WebPage 2 | import argparse 3 | import requests 4 | from colorama import Fore, Back, Style 5 | import warnings 6 | warnings.filterwarnings("ignore") 7 | 8 | def find_version(a): 9 | if a == []: 10 | return 'nil' 11 | else: 12 | return a[0] 13 | 14 | def find_techs(url, nl): 15 | if writefile != '': 16 | j = open(writefile, 'a') 17 | else: 18 | j = None 19 | if '.' in url and 'http' not in url: 20 | t = 'http://'+url 21 | try: 22 | url = requests.head(t, allow_redirects=True).url 23 | except: 24 | print("[+] Some error occurred while resolving") 25 | return 26 | 27 | try: 28 | webpage = WebPage.new_from_url(url) 29 | wappalyzer = Wappalyzer.latest() 30 | techs = wappalyzer.analyze_with_versions_and_categories(webpage) 31 | except: 32 | return Style.BRIGHT + Fore.RED + "\n[!] SOME ERROR OCCURED FOR " + url 33 | 34 | nurl = url.split("//")[1].rstrip("/") 35 | 36 | print("\n[+]",Style.BRIGHT + Fore.BLUE + "TECHNOLOGIES", Style.BRIGHT + Fore.GREEN + f"[{nurl.upper()}]", Style.RESET_ALL + ":\n") 37 | if j : 38 | j.write("\n[+]" + "TECHNOLOGIES" + f"[{nurl.upper()}]" + ":\n") 39 | for i in techs: 40 | print(f"{techs[i]['categories'][0]} : {i} [version: {find_version(techs[i]['versions'])}]") 41 | if j : 42 | j.write(f"{techs[i]['categories'][0]} : {i} [version: {find_version(techs[i]['versions'])}]\n"); 43 | if nl == True: 44 | print("\n") 45 | else: 46 | pass 47 | 48 | parser = argparse.ArgumentParser(description='Finds Web Technologies !') 49 | parser.add_argument('-u', '--url', help='url to find technologies') 50 | parser.add_argument('-f', '--file', default='', help="list of urls to find web technologies") 51 | parser.add_argument('-wf', '--writefile', default='', help="File to write output to") 52 | 53 | nl = True 54 | args = parser.parse_args() 55 | url = args.url 56 | file = args.file 57 | writefile = args.writefile 58 | if file == '': 59 | pass 60 | else: 61 | f = open(file, 'r') 62 | urls = f.readlines() 63 | nl = False 64 | for i in urls: 65 | t = i.strip() 66 | find_techs(t, nl) 67 | print("\n") 68 | 69 | if url==None: 70 | pass 71 | else: 72 | find_techs(url, nl) -------------------------------------------------------------------------------- /app.py: -------------------------------------------------------------------------------- 1 | import subprocess 2 | from flask import Flask, render_template, request 3 | from urllib.parse import urlparse 4 | from flask import jsonify 5 | from flask_cors import CORS 6 | from AI import consultantAI 7 | app = Flask(__name__) 8 | CORS(app, resources={r"/get_report_data": {"origins": "http://localhost:3000"}}) 9 | 10 | # Define a function to call the web vulnerability scanner 11 | def web_vulnerability_scan(website_url): 12 | domain_name = urlparse(website_url).netloc 13 | report_file_name = f"./report/{domain_name}_report.txt" 14 | subprocess.check_output(['python', 'web-vulnerability-scanner.py', 'full', website_url]) 15 | subprocess.check_output(['python', 'wap.py', '-u', website_url ,'-wf', report_file_name]) 16 | subprocess.check_output(['python', 'virus-total.py', website_url , report_file_name]) 17 | 18 | 19 | return report_file_name 20 | 21 | @app.route('/test_website', methods=['POST']) 22 | def test_website(): 23 | website_url = request.form['website_url'] 24 | 25 | # Call the web vulnerability scanner function 26 | report_file_name = web_vulnerability_scan(website_url) 27 | 28 | 29 | scanner_output = subprocess.check_output(['python', 'simple.py', website_url]) 30 | 31 | 32 | 33 | file_path = report_file_name 34 | ai_instance = consultantAI() 35 | prompt=ai_instance.read_report(file_path) 36 | solution_content = ai_instance.generate_solution(prompt) 37 | 38 | # Write the output to the report file 39 | with open(report_file_name, 'a') as report_file: 40 | report_file.write(scanner_output.decode('utf-8')) 41 | 42 | # Read the content of the report file 43 | with open(report_file_name, 'r') as report_file: 44 | tool_output = report_file.read() 45 | 46 | # Split the content by newlines for organized display 47 | tool_output_lines = tool_output.split('\n') 48 | if solution_content is None: 49 | solutions_list = ["API key invalid see AI.Py "] 50 | else: 51 | solutions_list = solution_content.strip().split('\n') 52 | 53 | if request.headers.get('X-Requested-With') == 'XMLHttpRequest': 54 | # Return the solution content as JSON 55 | return jsonify({'solution_content': solution_content,'tool_output': tool_output}) 56 | 57 | else: 58 | # Return the HTML page 59 | print(solution_content) 60 | return render_template('result.html', tool_output_lines=tool_output_lines,solutions=solutions_list) 61 | 62 | @app.route('/') 63 | def index(): 64 | return render_template('index.html') 65 | @app.route('/get_report_data', methods=['POST', 'GET']) 66 | def get_report_data(): 67 | website_url = request.json.get('website_url') 68 | report_file_name = web_vulnerability_scan(website_url) 69 | with open(report_file_name, 'r') as report_file: 70 | tool_output = report_file.readlines() 71 | 72 | return jsonify({'tool_output': tool_output}) 73 | 74 | if __name__ == '__main__': 75 | app.run(debug=True) -------------------------------------------------------------------------------- /templates/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | Welcome to the Web Vulnerability Scanner 7 | 8 | 84 | 89 | 90 | 91 | 92 |

93 |

94 |

95 |

Welcome to the Web Vulnerability Scanner

96 | 97 | 102 | 103 | 104 | -------------------------------------------------------------------------------- /templates/WindowManager.js: -------------------------------------------------------------------------------- 1 | class WindowManager 2 | { 3 | #windows; 4 | #count; 5 | #id; 6 | #winData; 7 | #winShapeChangeCallback; 8 | #winChangeCallback; 9 | 10 | constructor () 11 | { 12 | let that = this; 13 | 14 | // event listener for when localStorage is changed from another window 15 | addEventListener("storage", (event) => 16 | { 17 | if (event.key == "windows") 18 | { 19 | let newWindows = JSON.parse(event.newValue); 20 | let winChange = that.#didWindowsChange(that.#windows, newWindows); 21 | 22 | that.#windows = newWindows; 23 | 24 | if (winChange) 25 | { 26 | if (that.#winChangeCallback) that.#winChangeCallback(); 27 | } 28 | } 29 | }); 30 | 31 | // event listener for when current window is about to ble closed 32 | window.addEventListener('beforeunload', function (e) 33 | { 34 | let index = that.getWindowIndexFromId(that.#id); 35 | 36 | //remove this window from the list and update local storage 37 | that.#windows.splice(index, 1); 38 | that.updateWindowsLocalStorage(); 39 | }); 40 | } 41 | 42 | // check if theres any changes to the window list 43 | #didWindowsChange (pWins, nWins) 44 | { 45 | if (pWins.length != nWins.length) 46 | { 47 | return true; 48 | } 49 | else 50 | { 51 | let c = false; 52 | 53 | for (let i = 0; i < pWins.length; i++) 54 | { 55 | if (pWins[i].id != nWins[i].id) c = true; 56 | } 57 | 58 | return c; 59 | } 60 | } 61 | 62 | // initiate current window (add metadata for custom data to store with each window instance) 63 | init (metaData) 64 | { 65 | this.#windows = JSON.parse(localStorage.getItem("windows")) || []; 66 | this.#count= localStorage.getItem("count") || 0; 67 | this.#count++; 68 | 69 | this.#id = this.#count; 70 | let shape = this.getWinShape(); 71 | this.#winData = {id: this.#id, shape: shape, metaData: metaData}; 72 | this.#windows.push(this.#winData); 73 | 74 | localStorage.setItem("count", this.#count); 75 | this.updateWindowsLocalStorage(); 76 | } 77 | 78 | getWinShape () 79 | { 80 | let shape = {x: window.screenLeft, y: window.screenTop, w: window.innerWidth, h: window.innerHeight}; 81 | return shape; 82 | } 83 | 84 | getWindowIndexFromId (id) 85 | { 86 | let index = -1; 87 | 88 | for (let i = 0; i < this.#windows.length; i++) 89 | { 90 | if (this.#windows[i].id == id) index = i; 91 | } 92 | 93 | return index; 94 | } 95 | 96 | updateWindowsLocalStorage () 97 | { 98 | localStorage.setItem("windows", JSON.stringify(this.#windows)); 99 | } 100 | 101 | update () 102 | { 103 | //console.log(step); 104 | let winShape = this.getWinShape(); 105 | 106 | //console.log(winShape.x, winShape.y); 107 | 108 | if (winShape.x != this.#winData.shape.x || 109 | winShape.y != this.#winData.shape.y || 110 | winShape.w != this.#winData.shape.w || 111 | winShape.h != this.#winData.shape.h) 112 | { 113 | 114 | this.#winData.shape = winShape; 115 | 116 | let index = this.getWindowIndexFromId(this.#id); 117 | this.#windows[index].shape = winShape; 118 | 119 | //console.log(windows); 120 | if (this.#winShapeChangeCallback) this.#winShapeChangeCallback(); 121 | this.updateWindowsLocalStorage(); 122 | } 123 | } 124 | 125 | setWinShapeChangeCallback (callback) 126 | { 127 | this.#winShapeChangeCallback = callback; 128 | } 129 | 130 | setWinChangeCallback (callback) 131 | { 132 | this.#winChangeCallback = callback; 133 | } 134 | 135 | getWindows () 136 | { 137 | return this.#windows; 138 | } 139 | 140 | getThisWindowData () 141 | { 142 | return this.#winData; 143 | } 144 | 145 | getThisWindowID () 146 | { 147 | return this.#id; 148 | } 149 | } 150 | 151 | export default WindowManager; -------------------------------------------------------------------------------- /templates/main.js: -------------------------------------------------------------------------------- 1 | import WindowManager from './WindowManager.js' 2 | 3 | 4 | 5 | const t = THREE; 6 | let camera, scene, renderer, world; 7 | let near, far; 8 | let pixR = window.devicePixelRatio ? window.devicePixelRatio : 1; 9 | let cubes = []; 10 | let sceneOffsetTarget = {x: 0, y: 0}; 11 | let sceneOffset = {x: 0, y: 0}; 12 | 13 | let today = new Date(); 14 | today.setHours(0); 15 | today.setMinutes(0); 16 | today.setSeconds(0); 17 | today.setMilliseconds(0); 18 | today = today.getTime(); 19 | 20 | let internalTime = getTime(); 21 | let windowManager; 22 | let initialized = false; 23 | 24 | // get time in seconds since beginning of the day (so that all windows use the same time) 25 | function getTime () 26 | { 27 | return (new Date().getTime() - today) / 1000.0; 28 | } 29 | 30 | 31 | if (new URLSearchParams(window.location.search).get("clear")) 32 | { 33 | localStorage.clear(); 34 | } 35 | else 36 | { 37 | // this code is essential to circumvent that some browsers preload the content of some pages before you actually hit the url 38 | document.addEventListener("visibilitychange", () => 39 | { 40 | if (document.visibilityState != 'hidden' && !initialized) 41 | { 42 | init(); 43 | } 44 | }); 45 | 46 | window.onload = () => { 47 | if (document.visibilityState != 'hidden') 48 | { 49 | init(); 50 | } 51 | }; 52 | 53 | function init () 54 | { 55 | initialized = true; 56 | 57 | // add a short timeout because window.offsetX reports wrong values before a short period 58 | setTimeout(() => { 59 | setupScene(); 60 | setupWindowManager(); 61 | resize(); 62 | updateWindowShape(false); 63 | render(); 64 | window.addEventListener('resize', resize); 65 | }, 500) 66 | } 67 | 68 | function setupScene () 69 | { 70 | camera = new t.OrthographicCamera(0, 0, window.innerWidth, window.innerHeight, -10000, 10000); 71 | 72 | camera.position.z = 2.5; 73 | near = camera.position.z - .5; 74 | far = camera.position.z + 0.5; 75 | 76 | scene = new t.Scene(); 77 | scene.background = new t.Color(0.0); 78 | scene.add( camera ); 79 | 80 | renderer = new t.WebGLRenderer({antialias: true, depthBuffer: true}); 81 | renderer.setPixelRatio(pixR); 82 | 83 | world = new t.Object3D(); 84 | scene.add(world); 85 | 86 | renderer.domElement.setAttribute("id", "scene"); 87 | document.body.appendChild( renderer.domElement ); 88 | } 89 | 90 | function setupWindowManager () 91 | { 92 | windowManager = new WindowManager(); 93 | windowManager.setWinShapeChangeCallback(updateWindowShape); 94 | windowManager.setWinChangeCallback(windowsUpdated); 95 | 96 | // here you can add your custom metadata to each windows instance 97 | let metaData = {foo: "bar"}; 98 | 99 | // this will init the windowmanager and add this window to the centralised pool of windows 100 | windowManager.init(metaData); 101 | 102 | // call update windows initially (it will later be called by the win change callback) 103 | windowsUpdated(); 104 | } 105 | 106 | function windowsUpdated () 107 | { 108 | updateNumberOfCubes(); 109 | } 110 | 111 | function updateNumberOfCubes () 112 | { 113 | let wins = windowManager.getWindows(); 114 | 115 | // remove all cubes 116 | cubes.forEach((c) => { 117 | world.remove(c); 118 | }) 119 | 120 | cubes = []; 121 | 122 | // add new cubes based on the current window setup 123 | for (let i = 0; i < wins.length; i++) 124 | { 125 | let win = wins[i]; 126 | 127 | let c = new t.Color(); 128 | c.setHSL(i * .1, 1.0, .5); 129 | 130 | let s = 100 + i * 50; 131 | let cube = new t.Mesh(new t.BoxGeometry(s, s, s), new t.MeshBasicMaterial({color: c , wireframe: true})); 132 | cube.position.x = win.shape.x + (win.shape.w * .5); 133 | cube.position.y = win.shape.y + (win.shape.h * .5); 134 | 135 | world.add(cube); 136 | cubes.push(cube); 137 | } 138 | } 139 | 140 | function updateWindowShape (easing = true) 141 | { 142 | // storing the actual offset in a proxy that we update against in the render function 143 | sceneOffsetTarget = {x: -window.screenX, y: -window.screenY}; 144 | if (!easing) sceneOffset = sceneOffsetTarget; 145 | } 146 | 147 | 148 | function render () 149 | { 150 | let t = getTime(); 151 | 152 | windowManager.update(); 153 | 154 | 155 | // calculate the new position based on the delta between current offset and new offset times a falloff value (to create the nice smoothing effect) 156 | let falloff = .05; 157 | sceneOffset.x = sceneOffset.x + ((sceneOffsetTarget.x - sceneOffset.x) * falloff); 158 | sceneOffset.y = sceneOffset.y + ((sceneOffsetTarget.y - sceneOffset.y) * falloff); 159 | 160 | // set the world position to the offset 161 | world.position.x = sceneOffset.x; 162 | world.position.y = sceneOffset.y; 163 | 164 | let wins = windowManager.getWindows(); 165 | 166 | 167 | // loop through all our cubes and update their positions based on current window positions 168 | for (let i = 0; i < cubes.length; i++) 169 | { 170 | let cube = cubes[i]; 171 | let win = wins[i]; 172 | let _t = t;// + i * .2; 173 | 174 | let posTarget = {x: win.shape.x + (win.shape.w * .5), y: win.shape.y + (win.shape.h * .5)} 175 | 176 | cube.position.x = cube.position.x + (posTarget.x - cube.position.x) * falloff; 177 | cube.position.y = cube.position.y + (posTarget.y - cube.position.y) * falloff; 178 | cube.rotation.x = _t * .5; 179 | cube.rotation.y = _t * .3; 180 | }; 181 | 182 | renderer.render(scene, camera); 183 | requestAnimationFrame(render); 184 | } 185 | 186 | 187 | // resize the renderer to fit the window size 188 | function resize () 189 | { 190 | let width = window.innerWidth; 191 | let height = window.innerHeight 192 | 193 | camera = new t.OrthographicCamera(0, width, 0, height, -10000, 10000); 194 | camera.updateProjectionMatrix(); 195 | renderer.setSize( width, height ); 196 | } 197 | } -------------------------------------------------------------------------------- /report/robots_emsi.ma.txt: -------------------------------------------------------------------------------- 1 | Content: User-agent: * 2 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 3 | 4 | Sitemap: https://emsi.ma/sitemap.xml 5 | Sitemap: https://emsi.ma/sitemap.rss 6 | Content: User-agent: * 7 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 8 | 9 | Sitemap: https://emsi.ma/sitemap.xml 10 | Sitemap: https://emsi.ma/sitemap.rss 11 | Content: User-agent: * 12 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 13 | 14 | Sitemap: https://emsi.ma/sitemap.xml 15 | Sitemap: https://emsi.ma/sitemap.rss 16 | Content: User-agent: * 17 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 18 | 19 | Sitemap: https://emsi.ma/sitemap.xml 20 | Sitemap: https://emsi.ma/sitemap.rss 21 | Content: User-agent: * 22 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 23 | 24 | Sitemap: https://emsi.ma/sitemap.xml 25 | Sitemap: https://emsi.ma/sitemap.rss 26 | Content: User-agent: * 27 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 28 | 29 | Sitemap: https://emsi.ma/sitemap.xml 30 | Sitemap: https://emsi.ma/sitemap.rss 31 | Content: User-agent: * 32 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 33 | 34 | Sitemap: https://emsi.ma/sitemap.xml 35 | Sitemap: https://emsi.ma/sitemap.rss 36 | Content: User-agent: * 37 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 38 | 39 | Sitemap: https://emsi.ma/sitemap.xml 40 | Sitemap: https://emsi.ma/sitemap.rss 41 | Content: User-agent: * 42 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 43 | 44 | Sitemap: https://emsi.ma/sitemap.xml 45 | Sitemap: https://emsi.ma/sitemap.rss 46 | Content: User-agent: * 47 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 48 | 49 | Sitemap: https://emsi.ma/sitemap.xml 50 | Sitemap: https://emsi.ma/sitemap.rss 51 | Content: User-agent: * 52 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 53 | 54 | Sitemap: https://emsi.ma/sitemap.xml 55 | Sitemap: https://emsi.ma/sitemap.rss 56 | Content: User-agent: * 57 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 58 | 59 | Sitemap: https://emsi.ma/sitemap.xml 60 | Sitemap: https://emsi.ma/sitemap.rss 61 | Content: User-agent: * 62 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 63 | 64 | Sitemap: https://emsi.ma/sitemap.xml 65 | Sitemap: https://emsi.ma/sitemap.rss 66 | Content: User-agent: * 67 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 68 | 69 | Sitemap: https://emsi.ma/sitemap.xml 70 | Sitemap: https://emsi.ma/sitemap.rss 71 | Content: User-agent: * 72 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 73 | 74 | Sitemap: https://emsi.ma/sitemap.xml 75 | Sitemap: https://emsi.ma/sitemap.rss 76 | Content: User-agent: * 77 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 78 | 79 | Sitemap: https://emsi.ma/sitemap.xml 80 | Sitemap: https://emsi.ma/sitemap.rss 81 | Content: User-agent: * 82 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 83 | 84 | Sitemap: https://emsi.ma/sitemap.xml 85 | Sitemap: https://emsi.ma/sitemap.rss 86 | Content: User-agent: * 87 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 88 | 89 | Sitemap: https://emsi.ma/sitemap.xml 90 | Sitemap: https://emsi.ma/sitemap.rss 91 | Content: User-agent: * 92 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 93 | 94 | Sitemap: https://emsi.ma/sitemap.xml 95 | Sitemap: https://emsi.ma/sitemap.rss 96 | Content: User-agent: * 97 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 98 | 99 | Sitemap: https://emsi.ma/sitemap.xml 100 | Sitemap: https://emsi.ma/sitemap.rss 101 | Content: User-agent: * 102 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 103 | 104 | Sitemap: https://emsi.ma/sitemap.xml 105 | Sitemap: https://emsi.ma/sitemap.rss 106 | Content: User-agent: * 107 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 108 | 109 | Sitemap: https://emsi.ma/sitemap.xml 110 | Sitemap: https://emsi.ma/sitemap.rss 111 | Content: User-agent: * 112 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 113 | 114 | Sitemap: https://emsi.ma/sitemap.xml 115 | Sitemap: https://emsi.ma/sitemap.rss 116 | Content: User-agent: * 117 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 118 | 119 | Sitemap: https://emsi.ma/sitemap.xml 120 | Sitemap: https://emsi.ma/sitemap.rss 121 | Content: User-agent: * 122 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 123 | 124 | Sitemap: https://emsi.ma/sitemap.xml 125 | Sitemap: https://emsi.ma/sitemap.rss 126 | Content: User-agent: * 127 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 128 | 129 | Sitemap: https://emsi.ma/sitemap.xml 130 | Sitemap: https://emsi.ma/sitemap.rss 131 | Content: User-agent: * 132 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 133 | 134 | Sitemap: https://emsi.ma/sitemap.xml 135 | Sitemap: https://emsi.ma/sitemap.rss 136 | Content: User-agent: * 137 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 138 | 139 | Sitemap: https://emsi.ma/sitemap.xml 140 | Sitemap: https://emsi.ma/sitemap.rss 141 | Content: User-agent: * 142 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 143 | 144 | Sitemap: https://emsi.ma/sitemap.xml 145 | Sitemap: https://emsi.ma/sitemap.rss 146 | Content: User-agent: * 147 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 148 | 149 | Sitemap: https://emsi.ma/sitemap.xml 150 | Sitemap: https://emsi.ma/sitemap.rss 151 | Content: User-agent: * 152 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 153 | 154 | Sitemap: https://emsi.ma/sitemap.xml 155 | Sitemap: https://emsi.ma/sitemap.rss 156 | Content: User-agent: * 157 | Disallow: /wp-content/uploads/wpo-plugins-tables-list.json 158 | 159 | Sitemap: https://emsi.ma/sitemap.xml 160 | Sitemap: https://emsi.ma/sitemap.rss 161 | -------------------------------------------------------------------------------- /crawler/crawl_github.com.txt: -------------------------------------------------------------------------------- 1 | [+] Links:https://github.com/css 2 | [+] Links:https://github.com/js 3 | [+] Links:https://github.com/wp-content 4 | [+] Links:https://github.com/robots.txt 5 | [+] Links:https://github.com/assets 6 | [+] Links:https://github.com/wp-admin 7 | [+] Links:https://github.com/wp-includes 8 | [+] Links:https://github.com/img 9 | [+] Links:https://github.com/fonts 10 | [+] Links:https://github.com/vendor 11 | [+] Links:https://github.com/uploads 12 | [+] Links:https://github.com/templates 13 | [+] Links:https://github.com/app 14 | [+] Links:https://github.com/cgi-bin 15 | [+] Links:https://github.com/system 16 | [+] Links:https://github.com/themes 17 | [+] Links:https://github.com/includes 18 | [+] Links:https://github.com/media 19 | [+] Links:https://github.com/application 20 | [+] Links:https://github.com/manifest.json 21 | [+] Links:https://github.com/upload 22 | [+] Links:https://github.com/scripts 23 | [+] Links:https://github.com/lib 24 | [+] Links:https://github.com/public 25 | [+] Links:https://github.com/config 26 | [+] Links:https://github.com/pdf 27 | [+] Links:https://github.com/test 28 | [+] Links:https://github.com/data 29 | [+] Links:https://github.com/modules 30 | [+] Links:https://github.com/blog 31 | [+] Links:https://github.com/resources 32 | [+] Links:https://github.com/docs 33 | [+] Links:https://github.com/video 34 | [+] Links:https://github.com/catalog 35 | [+] Links:https://github.com/src 36 | [+] Links:https://github.com/scss 37 | [+] Links:https://github.com/BingSiteAuth.xml 38 | [+] Links:https://github.com/styles 39 | [+] Links:https://github.com/videos 40 | [+] Links:https://github.com/inc 41 | [+] Links:https://github.com/about 42 | [+] Links:https://github.com/install 43 | [+] Links:https://github.com/font 44 | [+] Links:https://github.com/bootstrap 45 | [+] Links:https://github.com/tools 46 | [+] Links:https://github.com/tmp 47 | [+] Links:https://github.com/download 48 | [+] Links:https://github.com/build 49 | [+] Links:https://github.com/ads 50 | [+] Links:https://github.com/php 51 | [+] Links:https://github.com/content 52 | [+] Links:https://github.com/ckeditor 53 | [+] Links:https://github.com/crossdomain.xml 54 | [+] Links:https://github.com/common 55 | [+] Links:https://github.com/include 56 | [+] Links:https://github.com/icons 57 | [+] Links:https://github.com/controllers 58 | [+] Links:https://github.com/mobile 59 | [+] Links:https://github.com/tests 60 | [+] Links:https://github.com/bundles 61 | [+] Links:https://github.com/en 62 | [+] Links:https://github.com/dist 63 | [+] Links:https://github.com/sass 64 | [+] Links:https://github.com/svg 65 | [+] Links:https://github.com/keywords 66 | [+] Links:https://github.com/contact 67 | [+] Links:https://github.com/support 68 | [+] Links:https://github.com/libs 69 | [+] Links:https://github.com/ajax 70 | [+] Links:https://github.com/search 71 | [+] Links:https://github.com/template 72 | [+] Links:https://github.com/components 73 | [+] Links:https://github.com/cms 74 | [+] Links:https://github.com/temp 75 | [+] Links:https://github.com/bin 76 | [+] Links:https://github.com/database 77 | [+] Links:https://github.com/logs 78 | [+] Links:https://github.com/sitemap.php 79 | [+] Links:https://github.com/maps 80 | [+] Links:https://github.com/demo 81 | [+] Links:https://github.com/stylesheets 82 | [+] Links:https://github.com/sites 83 | [+] Links:https://github.com/sitemap 84 | [+] Links:https://github.com/services 85 | [+] Links:https://github.com/html 86 | [+] Links:https://github.com/contact.php 87 | [+] Links:https://github.com/sitemaps 88 | [+] Links:https://github.com/local 89 | [+] Links:https://github.com/games 90 | [+] Links:https://github.com/audio 91 | [+] Links:https://github.com/WEB-INF 92 | [+] Links:https://github.com/webfonts 93 | [+] Links:https://github.com/routes 94 | [+] Links:https://github.com/javascript 95 | [+] Links:https://github.com/pages 96 | [+] Links:https://github.com/newsletter 97 | [+] Links:https://github.com/home 98 | [+] Links:https://github.com/help 99 | [+] Links:https://github.com/bfb 100 | [+] Links:https://github.com/views 101 | [+] Links:https://github.com/var 102 | [+] Links:https://github.com/Templates 103 | [+] Links:https://github.com/language 104 | [+] Links:https://github.com/icon 105 | [+] Links:https://github.com/frontend 106 | [+] Links:https://github.com/favicon 107 | [+] Links:https://github.com/events 108 | [+] Links:https://github.com/documents 109 | [+] Links:https://github.com/web 110 | [+] Links:https://github.com/privacy 111 | [+] Links:https://github.com/dev 112 | [+] Links:https://github.com/console 113 | [+] Links:https://github.com/apps 114 | [+] Links:https://github.com/nbproject 115 | [+] Links:https://github.com/libraries 116 | [+] Links:https://github.com/ckfinder 117 | [+] Links:https://github.com/banner 118 | [+] Links:https://github.com/qa-tests 119 | [+] Links:https://github.com/logout.php 120 | [+] Links:https://github.com/theme 121 | [+] Links:https://github.com/sports 122 | [+] Links:https://github.com/photos 123 | [+] Links:https://github.com/mails 124 | [+] Links:https://github.com/log 125 | [+] Links:https://github.com/localization 126 | [+] Links:https://github.com/core 127 | [+] Links:https://github.com/bitrix 128 | [+] Links:https://github.com/banners 129 | [+] Links:https://github.com/backup 130 | [+] Links:https://github.com/backend 131 | [+] Links:https://github.com/misc 132 | [+] Links:https://github.com/logo 133 | [+] Links:https://github.com/lang 134 | [+] Links:https://github.com/engine 135 | [+] Links:https://github.com/careers 136 | [+] Links:https://github.com/about.php 137 | [+] Links:https://github.com/Scripts 138 | [+] Links:https://github.com/wp 139 | [+] Links:https://github.com/stats 140 | [+] Links:https://github.com/speedtest 141 | [+] Links:https://github.com/logos 142 | [+] Links:https://github.com/less 143 | [+] Links:https://github.com/dashboard 144 | [+] Links:https://github.com/rss 145 | [+] Links:https://github.com/radio 146 | [+] Links:https://github.com/favicons 147 | [+] Links:https://github.com/webservice 148 | [+] Links:https://github.com/mail 149 | [+] Links:https://github.com/lp 150 | [+] Links:https://github.com/json 151 | [+] Links:https://github.com/forms 152 | [+] Links:https://github.com/db 153 | [+] Links:https://github.com/asset 154 | [+] Links:https://github.com/artisan 155 | [+] Links:https://github.com/archive 156 | [+] Links:https://github.com/translate 157 | [+] Links:https://github.com/swal 158 | [+] Links:https://github.com/pdfconverter 159 | [+] Links:https://github.com/override 160 | [+] Links:https://github.com/global 161 | [+] Links:https://github.com/front 162 | [+] Links:https://github.com/font-awesome 163 | [+] Links:https://github.com/yss 164 | [+] Links:https://github.com/transit 165 | [+] Links:https://github.com/smartSearch 166 | [+] Links:https://github.com/shop 167 | [+] Links:https://github.com/searchsafe 168 | [+] Links:https://github.com/searchplus 169 | [+] Links:https://github.com/searcheasy 170 | [+] Links:https://github.com/products 171 | [+] Links:https://github.com/pokemon 172 | [+] Links:https://github.com/overlay 173 | [+] Links:https://github.com/moviesearch 174 | [+] Links:https://github.com/landing 175 | [+] Links:https://github.com/dogs 176 | [+] Links:https://github.com/cli 177 | [+] Links:https://github.com/cheapflights 178 | [+] Links:https://github.com/administrator 179 | [+] Links:https://github.com/TV 180 | [+] Links:https://github.com/Recipe 181 | [+] Links:https://github.com/404 182 | [+] Links:https://github.com/wordpress 183 | [+] Links:https://github.com/update 184 | [+] Links:https://github.com/sounds 185 | [+] Links:https://github.com/flash 186 | [+] Links:https://github.com/es 187 | [+] Links:https://github.com/cron 188 | [+] Links:https://github.com/articles 189 | [+] Links:https://github.com/script 190 | [+] Links:https://github.com/partials 191 | [+] Links:https://github.com/m 192 | [+] Links:https://github.com/captcha 193 | [+] Links:https://github.com/Core 194 | [+] Links:https://github.com/red 195 | [+] Links:https://github.com/packs 196 | [+] Links:https://github.com/newsletters 197 | [+] Links:https://github.com/emails 198 | [+] Links:https://github.com/doc 199 | [+] Links:https://github.com/company 200 | [+] Links:https://github.com/blogs 201 | [+] Links:https://github.com/archivos 202 | [+] Links:https://github.com/LICENSE 203 | [+] Links:https://github.com/CONTRIBUTING.md 204 | [+] Links:https://github.com/Adapter 205 | [+] Links:https://github.com/player 206 | [+] Links:https://github.com/maintenance 207 | [+] Links:https://github.com/i 208 | [+] Links:https://github.com/gallery 209 | [+] Links:https://github.com/flags 210 | [+] Links:https://github.com/calendar 211 | [+] Links:https://github.com/avatars 212 | [+] Links:https://github.com/PHPMailer 213 | [+] Links:https://github.com/readme.rst 214 | [+] Links:https://github.com/readme.md 215 | [+] Links:https://github.com/pub 216 | [+] Links:https://github.com/online 217 | [+] Links:https://github.com/login 218 | [+] Links:https://github.com/features 219 | [+] Links:https://github.com/export 220 | [+] Links:https://github.com/errors 221 | [+] Links:https://github.com/xml 222 | [+] Links:https://github.com/widgets 223 | -------------------------------------------------------------------------------- /report/links_emsi.ma.txt: -------------------------------------------------------------------------------- 1 | [+]Links:https://ogp.me/ns# 2 | [+]Links:http://gmpg.org/xfn/11 3 | [+]Links:https://emsi.ma/xmlrpc.php 4 | [+]Links:https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f) 5 | [+]Links:aioseo.com 6 | [+]Links:https://emsi.ma/ 7 | [+]Links:https://emsi.ma/ 8 | [+]Links:schema.org 9 | [+]Links:emsi.ma 10 | [+]Links:emsi.ma 11 | [+]Links:emsi.ma 12 | [+]Links:emsi.ma 13 | [+]Links:emsi.ma 14 | [+]Links:emsi.ma 15 | [+]Links:emsi.ma 16 | [+]Links:emsi.ma 17 | [+]Links:emsi.ma 18 | [+]Links:emsi.ma 19 | [+]Links:emsi.ma 20 | [+]Links:emsi.ma 21 | [+]Links:emsi.ma 22 | [+]Links:emsi.ma 23 | [+]Links:emsi.ma 24 | [+]Links:emsi.ma 25 | [+]Links:emsi.ma 26 | [+]Links:fonts.googleapis.com 27 | [+]Links:c0.wp.com 28 | [+]Links:https://emsi.ma/feed/ 29 | [+]Links:https://emsi.ma/comments/feed/ 30 | [+]Links:https://emsi.ma/events/?ical=1 31 | [+]Links:https://emsi.ma/wp-content/plugins/goodlayers-core/plugins/fontawesome/fontawesome-webfont.eot#1694968439 32 | [+]Links:https://emsi.ma/wp-content/plugins/goodlayers-core/plugins/fontawesome/fontawesome-webfont.eot#1694968439 33 | [+]Links:https://emsi.ma/wp-content/plugins/goodlayers-core/plugins/fontawesome/fontawesome-webfont.woff2#1694968439 34 | [+]Links:https://emsi.ma/wp-content/plugins/goodlayers-core/plugins/fontawesome/fontawesome-webfont.woff#1694968439 35 | [+]Links:https://emsi.ma/wp-content/plugins/goodlayers-core/plugins/fontawesome/fontawesome-webfont.ttf#1694968439 36 | [+]Links:https://emsi.ma/wp-content/plugins/goodlayers-core/plugins/fontawesome/fontawesome-webfont.svg?v=4.7.0#fontawesomeregular 37 | [+]Links:https://fonts.gstatic.com/s/abeezee/v22/esDT31xSG-6AGleN2tCUnJ8DOJKuGPLB.woff2 38 | [+]Links:https://fonts.gstatic.com/s/abeezee/v22/esDT31xSG-6AGleN2tCUkp8DOJKuGA.woff2 39 | [+]Links:https://fonts.gstatic.com/s/abeezee/v22/esDR31xSG-6AGleN2tukkJUEGpCeGQ.woff2 40 | [+]Links:https://fonts.gstatic.com/s/abeezee/v22/esDR31xSG-6AGleN2tWkkJUEGpA.woff2 41 | [+]Links:wp-block-columns.is 42 | [+]Links:wp-block-columns.is 43 | [+]Links:wp-block-post-template.is 44 | [+]Links:wp-block-post-template.is 45 | [+]Links:wp-block-post-template.is 46 | [+]Links:wp-block-post-template.is 47 | [+]Links:wp-block-columns.is 48 | [+]Links:wp-block-columns.is 49 | [+]Links:https://c0.wp.com/c/6.4.2/wp-includes/css/dist/block-library/style.min.css 50 | [+]Links:https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css 51 | [+]Links:https://c0.wp.com/c/6.4.2/wp-includes/js/mediaelement/wp-mediaelement.min.css 52 | [+]Links:https://emsi.ma/wp-content/cache/wpo-minify/1694968439/assets/wpo-minify-header-702a3e8b.min.css 53 | [+]Links:https://c0.wp.com/p/jetpack/11.4.1/css/jetpack.css 54 | [+]Links:https://c0.wp.com/c/6.4.2/wp-includes/js/jquery/jquery.min.js 55 | [+]Links:https://c0.wp.com/c/6.4.2/wp-includes/js/jquery/jquery-migrate.min.js 56 | [+]Links:https://emsi.ma/wp-content/themes/kingster/js/html5.js 57 | [+]Links:https://emsi.ma/xmlrpc.php?rsd 58 | [+]Links:https://emsi.ma/ 59 | [+]Links:https://emsi.ma/wp-json/oembed/1.0/embed?url=https%3A%2F%2Femsi.ma%2F 60 | [+]Links:https://emsi.ma/wp-json/oembed/1.0/embed?url=https%3A%2F%2Femsi.ma%2F&format=xml 61 | [+]Links:https://emsi.ma 62 | [+]Links:https://emsi.ma/wp-json/tribe/events/v1/ 63 | [+]Links:https://emsi.ma/wp-admin/admin-ajax.php 64 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/cropped-emsi_logo-32x32.png 65 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/cropped-emsi_logo-192x192.png 66 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/cropped-emsi_logo-180x180.png 67 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/cropped-emsi_logo-270x270.png 68 | [+]Links:e.mh 69 | [+]Links:e.mh 70 | [+]Links:e.mh 71 | [+]Links:e.mh 72 | [+]Links:e.mh 73 | [+]Links:e.mh 74 | [+]Links:https://www.googletagmanager.com/ns.html?id=GTM-WVGGCML 75 | [+]Links:https://emsi.ma/ 76 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/logo.png 77 | [+]Links:https://emsi.ma/mot-du-president/ 78 | [+]Links:https://emsi.ma/decouvrir-lemsi2/ 79 | [+]Links:https://emsi.ma/nos-campus/ 80 | [+]Links:https://emsi.ma/nos-valeurs/ 81 | [+]Links:https://emsi.ma/mot-du-ceo/ 82 | [+]Links:https://emsi.ma/reseau-honoris/ 83 | [+]Links:https://emsi.ma/mission-et-valeurs/ 84 | [+]Links:https://emsi.ma/admissions-post-bac/ 85 | [+]Links:https://emsi.ma/admissions-paralleles/ 86 | [+]Links:https://emsi.ma/frais-et-financement/ 87 | [+]Links:https://emsi.ma/cursus-des-etudes/ 88 | [+]Links:https://emsi.ma/filieres-et-programmes/ 89 | [+]Links:https://emsi.ma/certifications-technologiques/ 90 | [+]Links:https://emsi.ma/partenariats-a-linternational/ 91 | [+]Links:https://emsi.ma/linfrastructure-globale/ 92 | [+]Links:https://emsi.ma/espaces-de-partages/ 93 | [+]Links:https://emsi.ma/nos-recruteurs/ 94 | [+]Links:https://emsi.ma/alumni-2/ 95 | [+]Links:https://emsi.ma/temoignages/ 96 | [+]Links:https://emsi.ma/centre-de-carrieres/ 97 | [+]Links:https://emsi.ma/guide-pratique-de-lemployabilite/ 98 | [+]Links:https://emsi.ma/employabilite/honoris-21st-century-skills-certificate/ 99 | [+]Links:https://emsi.ma/temoignages-entreprises/ 100 | [+]Links:https://emsi.ma/temoignages-des-etudiants/ 101 | [+]Links:https://emsi.ma/strategie-emsi-groupe/ 102 | [+]Links:https://emsi.ma/prix-et-distinctions/ 103 | [+]Links:https://emsi.ma/laboratoires-de-recherches/ 104 | [+]Links:https://emsi.ma/campus-life/ 105 | [+]Links:https://www.facebook.com/emsi.ma/ 106 | [+]Links:https://www.linkedin.com/school/ecole-marocaine-des-sciences-de-l'ing%C3%A9nieur 107 | [+]Links:https://www.youtube.com/channel/UC5BiOBai2N48ytbCRQWWqJw 108 | [+]Links:https://instagram.com/groupe.emsi?igshid=7rikpderxqla 109 | [+]Links:https://emsi.ma/nos-campus/ 110 | [+]Links:https://emsi.ma/event-calendar/ 111 | [+]Links:https://emsi.ma/candidature 112 | [+]Links:https://emsi.ma/ 113 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/logo.png 114 | [+]Links:https://emsi.ma/mot-du-president/ 115 | [+]Links:https://emsi.ma/decouvrir-lemsi2/ 116 | [+]Links:https://emsi.ma/nos-campus/ 117 | [+]Links:https://emsi.ma/nos-valeurs/ 118 | [+]Links:https://emsi.ma/mot-du-ceo/ 119 | [+]Links:https://emsi.ma/reseau-honoris/ 120 | [+]Links:https://emsi.ma/mission-et-valeurs/ 121 | [+]Links:https://emsi.ma/admissions-post-bac/ 122 | [+]Links:https://emsi.ma/admissions-paralleles/ 123 | [+]Links:https://emsi.ma/frais-et-financement/ 124 | [+]Links:https://emsi.ma/cursus-des-etudes/ 125 | [+]Links:https://emsi.ma/filieres-et-programmes/ 126 | [+]Links:https://emsi.ma/certifications-technologiques/ 127 | [+]Links:https://emsi.ma/partenariats-a-linternational/ 128 | [+]Links:https://emsi.ma/linfrastructure-globale/ 129 | [+]Links:https://emsi.ma/espaces-de-partages/ 130 | [+]Links:https://emsi.ma/nos-recruteurs/ 131 | [+]Links:https://emsi.ma/alumni-2/ 132 | [+]Links:https://emsi.ma/temoignages/ 133 | [+]Links:https://emsi.ma/centre-de-carrieres/ 134 | [+]Links:https://emsi.ma/guide-pratique-de-lemployabilite/ 135 | [+]Links:https://emsi.ma/employabilite/honoris-21st-century-skills-certificate/ 136 | [+]Links:https://emsi.ma/temoignages-entreprises/ 137 | [+]Links:https://emsi.ma/temoignages-des-etudiants/ 138 | [+]Links:https://emsi.ma/strategie-emsi-groupe/ 139 | [+]Links:https://emsi.ma/prix-et-distinctions/ 140 | [+]Links:https://emsi.ma/laboratoires-de-recherches/ 141 | [+]Links:https://emsi.ma/campus-life/ 142 | [+]Links:emsi.ma/candidature 143 | [+]Links:emsi.ma/wp-content/plugins/revslider/public/assets/assets/dummy.png 144 | [+]Links:emsi.ma/wp-content/uploads/2023/06/21x10-slider-EMSI.jpg 145 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/MMPT5309-scaled.jpg 146 | [+]Links:https://emsi.ma/wp-content/uploads/2018/08/hp2-col-4.jpg 147 | [+]Links:https://emsi.ma/candidature 148 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/2L6A1736-1-scaled-1.png 149 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/2L6A1736-1-scaled-1-400x266.png 150 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/2L6A1736-1-scaled-1-600x400.png 151 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/2L6A1736-1-scaled-1-800x533.png 152 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/2L6A1736-1-scaled-1.png 153 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/2L6A1933-scaled-1.png 154 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/2L6A1933-scaled-1-400x268.png 155 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/2L6A1933-scaled-1-600x402.png 156 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/2L6A1933-scaled-1-800x536.png 157 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/2L6A1933-scaled-1.png 158 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/Laboratoire1.jpg 159 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/Laboratoire1-400x266.jpg 160 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/Laboratoire1-600x400.jpg 161 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/Laboratoire1-800x533.jpg 162 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/Laboratoire1.jpg 163 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/Rea-11.jpg 164 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/Rea-11-400x266.jpg 165 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/Rea-11-600x400.jpg 166 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/Rea-11-800x533.jpg 167 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/Rea-11.jpg 168 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/MMPT5559-scaled.jpg 169 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/MMPT5559-scaled-400x266.jpg 170 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/MMPT5559-scaled-600x400.jpg 171 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/MMPT5559-scaled-800x533.jpg 172 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/MMPT5559-scaled.jpg 173 | [+]Links:https://emsi.ma/wp-content/uploads/2020/07/3196-scaled.jpg 174 | [+]Links:https://emsi.ma/wp-content/uploads/2018/08/hp2-col-1.jpg 175 | [+]Links:https://renseignement-digital.emsi.ma/login/ 176 | [+]Links:https://emsi.ma/wp-content/uploads/2018/08/col-icon-3.png 177 | [+]Links:https://emsi.ma/wp-content/uploads/2018/08/col-icon-4.png 178 | [+]Links:https://emsi.ma/wp-content/uploads/2018/08/col-icon-2.png 179 | [+]Links:https://www.leconomiste.com/flash-infos/l-emsi-primee-tokyo 180 | [+]Links:https://www.leconomiste.com/flash-infos/tanger-l-anef-sensibilise-aux-risques-des-feux-de-foret 181 | [+]Links:https://leseco.ma/business/emsi-mohamed-essaidi-notre-relation-avec-les-entreprises-est-une-relation-de-proximite.html 182 | [+]Links:https://fr.media7.ma/les-technologies-de-lia-et-de-realite-virtuelle-sont-en-train-de-revolutionner-les-modes-denseignement-expert 183 | [+]Links:https://www.leconomiste.com/flash-infos/salon-des-inventions-d-istanbul-le-maroc-s-illustre 184 | [+]Links:https://fr.le7tv.ma/2022/10/05/concours-international-dinvention-a-londres-quatre-medailles-pour-le-maroc/ 185 | [+]Links:https://www.infomediaire.net/le-maroc-gagne-le-grand-prix-de-la-meilleure-invention-internationale-a-istanbul/ 186 | [+]Links:https://www.leconomiste.com/flash-infos/l-emsi-s-illustre-au-canada?fbclid=IwAR2A6JPErM6XV4lZlkAcd6JXBsDaJXl1dsvAs1dvmsBwKMjYbLZZ8IdLj-A 187 | [+]Links:https://www.leconomiste.com/flash-infos/innovation-l-emsi-primee-aux-etats-unis 188 | [+]Links:https://www.leconomiste.com/flash-infos/l-emsi-et-sothema-scellent-un-partenariat-strategique 189 | [+]Links:https://telquel.ma/2021/12/09/signature-dune-convention-de-partenariat-entre-axa-services-maroc-et-lecole-marocaine-des-sciences-de-lingenieur-emsi_1746649 190 | [+]Links:https://www.challenge.ma/cgem-kamal-daissaoui-elu-a-la-tete-de-lenseignement-prive-155119/ 191 | [+]Links:https://www.leconomiste.com/flash-infos/l-emsi-brille-la-silicon-valley 192 | [+]Links:https://northafricapost.com/41168-morocco-wins-three-gold-medals-at-euroinvent-fair.html 193 | [+]Links:https://2m.ma/fr/news/lemsi-decroche-2-medailles-dor-et-7-distinctions-au-salon-dinnovation-distanbul-20190923/ 194 | [+]Links:https://www.bladi.net/maroc-salon-international-inventions-geneve,55346.html 195 | [+]Links:https://fr.hibapress.com/news-48660.html 196 | [+]Links:https://emsi.ma/les-medias-parlent-de-nous/ 197 | [+]Links:https://emsi.ma/wp-content/uploads/2020/09/media.jpg 198 | [+]Links:https://www.youtube.com/watch?v=myd51ZQnTZk&t=29s 199 | [+]Links:https://emsi.ma/wp-content/uploads/2018/08/icon-play.png 200 | [+]Links:https://emsi.ma/event/journees-portes-ouvertes/ 201 | [+]Links:https://emsi.ma/event/jpo-2/ 202 | [+]Links:https://emsi.ma/wp-content/uploads/2022/06/35.jpg 203 | [+]Links:https://www.youtube.com/watch?v=42LgnruZWd8 204 | [+]Links:https://emsi.ma/wp-content/uploads/2018/08/icon-play.png 205 | [+]Links:https://www.facebook.com/emsi.ma/ 206 | [+]Links:https://www.linkedin.com/school/ecole-marocaine-des-sciences-de-l'ing%C3%A9nieur 207 | [+]Links:https://www.youtube.com/channel/UC5BiOBai2N48ytbCRQWWqJw 208 | [+]Links:https://instagram.com/groupe.emsi?igshid=7rikpderxqla 209 | [+]Links:https://emsi.ma/ingenierie-informatique-et-reseaux/ 210 | [+]Links:https://emsi.ma/ingenierie-financiere-et-audit/ 211 | [+]Links:https://emsi.ma/genie-civil-batiments-et-travaux-publics-btp/ 212 | [+]Links:https://emsi.ma/genie-industriel/ 213 | [+]Links:https://emsi.ma/ingenierie-des-automatismes-et-informatique-industrielle/ 214 | [+]Links:https://emsi.ma/?page_id=11169 215 | [+]Links:https://emsi.ma/admissions-post-bac/ 216 | [+]Links:https://emsi.ma/admissions-paralleles/ 217 | [+]Links:https://emsi.ma/frais-et-financement/ 218 | [+]Links:https://emsi.ma/nos-campus/ 219 | [+]Links:https://emsi.ma/charte-de-protection-des-donnees-a-caractere-personnel/ 220 | [+]Links:https://fonts.googleapis.com/css?family=Roboto:400&display=swap 221 | [+]Links:https://emsi.ma/wp-content/cache/wpo-minify/1694968439/assets/wpo-minify-footer-1fb2110e.min.css 222 | [+]Links:emsi.ma 223 | [+]Links:emsi.ma 224 | [+]Links:https://emsi.ma/wp-content/cache/wpo-minify/1694968439/assets/wpo-minify-footer-1a372242.min.js 225 | [+]Links:https://c0.wp.com/c/6.4.2/wp-includes/js/jquery/ui/effect.min.js 226 | [+]Links:emsi.ma 227 | [+]Links:https://emsi.ma/wp-content/cache/wpo-minify/1694968439/assets/wpo-minify-footer-7fe308ed.min.js 228 | [+]Links:https://stats.wp.com/e-202352.js 229 | [+]Links:emsi.ma 230 | [+]Links:https://getwpo.com 231 | -------------------------------------------------------------------------------- /web-vulnerability-scanner.py: -------------------------------------------------------------------------------- 1 | import argparse 2 | import re 3 | import requests 4 | #from cms import CMSDetector 5 | import ssl 6 | import socket 7 | from lxml import html 8 | from urllib.parse import urlparse, parse_qs,urljoin 9 | import os 10 | import time 11 | import concurrent.futures 12 | 13 | 14 | desc = "KHTK - Web Vulnerability Scanner" 15 | parser = argparse.ArgumentParser(description=desc) 16 | parser.add_argument("action", help="Action: full xss sql fuzzing e-mail credit-card whois links portscanner urlEncode cyberthreatintelligence commandInjection directoryTraversal fileInclude headerCheck certificate method IP2Location FileInputAvailable") 17 | parser.add_argument("web_URL", help="URL") 18 | args = parser.parse_args() 19 | 20 | url = "" 21 | 22 | 23 | def commandInjection(url, dosyaAdi): 24 | try: 25 | deger = url.find("=") 26 | istek = url[:deger + 1] + ";cat%20/etc/passwd" 27 | sonuc = requests.get(istek, verify=False) 28 | if "www-data" in sonuc.content: 29 | print("[+]Command injection possible, payload: ;cat%20/etc/passwd") 30 | print("Response: ", sonuc.content) 31 | rapor = open(dosyaAdi, "a") 32 | raporIcerik = "[+]Command injection possible, payload: ;cat%20/etc/passwd\n" 33 | raporIcerik += "Response: " + sonuc.content + "\n" 34 | rapor.write(raporIcerik) 35 | rapor.close() 36 | else: 37 | print("[-]Command injection isn't possible, payload: ;cat%20/etc/passwd") 38 | print("Response: ", sonuc.content) 39 | rapor = open(dosyaAdi, "a") 40 | raporIcerik = "[-]Command injection isn't possible, payload: ;cat%20/etc/passwd\n" 41 | raporIcerik += "Response: " + sonuc.content + "\n" 42 | rapor.write(raporIcerik) 43 | rapor.close() 44 | except Exception as e: 45 | print(f"Error in commandInjection: {e}") 46 | pass 47 | 48 | def directoryTraversal(url, dosyaAdi): 49 | try: 50 | deger = url.find("=") 51 | istek = url[:deger + 1] + "../../../../../../etc/passwd" 52 | sonuc = requests.get(istek, verify=False) 53 | if "www-data" in sonuc.content: 54 | print("[+]Directory traversal possible, payload: ../../../../../../etc/passwd") 55 | print("Response: ", sonuc.content) 56 | rapor = open(dosyaAdi, "a") 57 | raporIcerik = "[+]Directory traversal possible, payload: ../../../../../../etc/passwd\n" 58 | raporIcerik += "Response: " + sonuc.content + "\n" 59 | rapor.write(raporIcerik) 60 | rapor.close() 61 | else: 62 | print("[-]Directory traversal isn't possible, payload: ../../../../../../etc/passwd") 63 | print("Response: ", sonuc.content) 64 | rapor = open(dosyaAdi, "a") 65 | raporIcerik = "[-]Directory traversal isn't possible, payload: ../../../../../../etc/passwd\n" 66 | raporIcerik += "Response: " + sonuc.content + "\n" 67 | rapor.write(raporIcerik) 68 | rapor.close() 69 | except Exception as e: 70 | print(f"Error in directoryTraversal: {e}") 71 | pass 72 | 73 | def fileInclude(url, dosyaAdi): 74 | try: 75 | deger = url.find("=") 76 | istek = url[:deger + 1] + "../../../../../../etc/passwd" 77 | sonuc = requests.get(istek, verify=False) 78 | if "www-data" in sonuc.content: 79 | print("[+]File include possible, payload: ../../../../../../etc/passwd") 80 | print("Response: ", sonuc.content) 81 | rapor = open(dosyaAdi, "a") 82 | raporIcerik = "[+]File include possible, payload: ../../../../../../etc/passwd\n" 83 | raporIcerik += "Response: " + sonuc.content + "\n" 84 | rapor.write(raporIcerik) 85 | rapor.close() 86 | else: 87 | print("[-]File include isn't possible, payload: ../../../../../../etc/passwd") 88 | print("Response: ", sonuc.content) 89 | rapor = open(dosyaAdi, "a") 90 | raporIcerik = "[-]File include isn't possible, payload: ../../../../../../etc/passwd\n" 91 | raporIcerik += "Response: " + sonuc.content + "\n" 92 | rapor.write(raporIcerik) 93 | rapor.close() 94 | except Exception as e: 95 | print(f"Error in fileInclude: {e}") 96 | pass 97 | 98 | def headerInformation(url, dosyaAdi): 99 | try: 100 | sonuc = requests.get(url, verify=False) 101 | headers = sonuc.headers 102 | print("[+] HTTP headers: \n", headers) 103 | rapor = open(dosyaAdi, "a") 104 | raporIcerik = "[+] HTTP headers: \n " + str(headers) + "\n" 105 | rapor.write(raporIcerik) 106 | rapor.close() 107 | except Exception as e: 108 | print(f"Error in headerInformation: {e}") 109 | pass 110 | 111 | def portScanner(url, dosyaAdi): 112 | try: 113 | deger = url.find("/") 114 | soket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 115 | soket.settimeout(1) 116 | for port in range(79, 85): 117 | if soket.connect_ex((url[:deger], port)) == 0: 118 | print("[+]Port open: ", port) 119 | rapor = open(dosyaAdi, "a") 120 | raporIcerik = "[+]Port open: " + str(port) + "\n" 121 | rapor.write(raporIcerik) 122 | rapor.close() 123 | else: 124 | print("[-]Port closed: ", port) 125 | rapor = open(dosyaAdi, "a") 126 | raporIcerik = "[-]Port closed: " + str(port) + "\n" 127 | rapor.write(raporIcerik) 128 | rapor.close() 129 | soket.close() 130 | except Exception as e: 131 | print(f"Error in portScanner: {e}") 132 | pass 133 | 134 | def robotstxtAvailable(url, dosyaAdi): 135 | try: 136 | response = requests.get(f"{url}/robots.txt", verify=False) 137 | 138 | if response.status_code == 200: 139 | print("[+] robots.txt is available") 140 | domain = urlparse(url).netloc 141 | rbts = f"./report/robots_{domain}.txt" 142 | ss=f"Content: {response.text}\n" 143 | 144 | rbtstxt = open(rbts, "a") 145 | rbtstxt.write(ss) 146 | 147 | 148 | with open(dosyaAdi, "a") as rapor: 149 | rapor_icerik = f"[+] robots.txt is available\n " 150 | 151 | rapor.write(rapor_icerik) 152 | else: 153 | print("[-] robots.txt is not available") 154 | 155 | with open(dosyaAdi, "a") as rapor: 156 | rapor_icerik = "[-] robots.txt is not available\n" 157 | rapor.write(rapor_icerik) 158 | 159 | except requests.exceptions.RequestException as e: 160 | print(f"Error in robotstxt_available: {e}") 161 | 162 | 163 | def urlEncode(url, dosyaAdi): 164 | try: 165 | sonuc = requests.get(url, verify=False) 166 | urlKod = sonuc.url 167 | print("[+]Encoded URL: ", urlKod) 168 | rapor = open(dosyaAdi, "a") 169 | raporIcerik = "[+]Encoded URL: " + urlKod + "\n" 170 | rapor.write(raporIcerik) 171 | rapor.close() 172 | except Exception as e: 173 | print(f"Error in urlEncode: {e}") 174 | pass 175 | 176 | def certificateInformation(url, dosyaAdi): 177 | try: 178 | ctx = ssl.create_default_context() 179 | s = ctx.wrap_socket(socket.socket(), server_hostname=url) 180 | s.connect((url, 443)) 181 | cert = s.getpeercert() 182 | print("[+]Certificate information: ", cert) 183 | rapor = open(dosyaAdi, "a") 184 | raporIcerik = "[+]Certificate information: " + str(cert) + "\n" 185 | rapor.write(raporIcerik) 186 | rapor.close() 187 | except Exception as e: 188 | print(f"Error in certificateInformation: {e}") 189 | rapor = open(dosyaAdi, "a") 190 | raporIcerik = "[+]NO Certificate information: " + "\n" 191 | rapor.write(raporIcerik) 192 | rapor.close() 193 | 194 | 195 | def method(url, dosyaAdi): 196 | try: 197 | sonuc = requests.options(url, verify=False) 198 | allowed_methods = sonuc.headers.get('allow') 199 | print("[+]Allowed methods: ", allowed_methods) 200 | rapor = open(dosyaAdi, "a") 201 | raporIcerik = "[+]Allowed methods: " + str(allowed_methods) + "\n" 202 | rapor.write(raporIcerik) 203 | rapor.close() 204 | except Exception as e: 205 | print(f"Error in method: {e}") 206 | 207 | def FileInputAvailable(url, dosyaAdi): 208 | page = requests.get(url, verify=False) 209 | tree = html.fromstring(page.content) 210 | inputs = tree.xpath('//input[@name]') 211 | file_upload_available = False 212 | with open(dosyaAdi, "a") as rapor: 213 | for input in inputs: 214 | startPoint = int(str(input).find("'")) + 1 215 | stopPoint = int(str(input).find("'", startPoint)) 216 | print(str(input)[startPoint:stopPoint]) 217 | if "type='file'" in str(input): 218 | file_upload_available = True 219 | if file_upload_available: 220 | print("[+]File Upload Function available") 221 | rapor.write("[+]File Upload Function available\n") 222 | else: 223 | print("[+]File Upload Function NOT available") 224 | rapor.write("[+]File Upload Function NOT available\n") 225 | 226 | def sql(url, dosyaAdi): 227 | sqlDosya = open("wordlists/sql.txt", "r") 228 | sqlPayload = sqlDosya.readlines() 229 | sqlDosya.close() 230 | if "=" in url: 231 | deger = str(url).find('=') 232 | for i in sqlPayload: 233 | try: 234 | i = i.split("\n")[0] 235 | yazi = str(url[0:deger + 1]) + str(i) 236 | sonuc = requests.get(yazi) 237 | if int(sonuc.status_code) == 200: 238 | print("[+]Sqli payload: ", str(i)) 239 | print("[+]Sqli URL: ", yazi) 240 | rapor = open(dosyaAdi, "a") 241 | raporIcerik = "[+]Sqli payload: " + str(i) + "\n" 242 | raporIcerik += "[+]Sqli URL: " + yazi + "\n" 243 | rapor.write(raporIcerik) 244 | rapor.close() 245 | else: 246 | print("[-]Sqli payload: ", str(i)) 247 | print("[-]Sqli URL: ", yazi) 248 | rapor = open(dosyaAdi, "a") 249 | raporIcerik = "[-]Sqli payload: " + str(i) + "\n" 250 | raporIcerik += "[-]Sqli URL: " + yazi + "\n" 251 | rapor.write(raporIcerik) 252 | rapor.close() 253 | except: 254 | pass 255 | else: 256 | print("[-]Sqli isn't available") 257 | rapor = open(dosyaAdi, "a") 258 | raporIcerik = "[-]Sqli isn't available\n" 259 | rapor.write(raporIcerik) 260 | rapor.close() 261 | 262 | 263 | 264 | 265 | 266 | def xss(url, dosyaAdi): 267 | xssDosya = open("wordlists/xss.txt", "r", encoding="utf-8") 268 | xssPayload = xssDosya.readlines() 269 | xssDosya.close() 270 | domain = urlparse(url).netloc 271 | links_file_name = f"./crawler/crawl_{domain}.txt" 272 | 273 | # Read the URLs from the crawl file 274 | with open(links_file_name, 'r') as file: 275 | urls = [line.strip() for line in file] 276 | 277 | # Extract potential parameters from the URLs 278 | potential_params = set() 279 | for url in urls: 280 | potential_params.update(re.findall(r"[^/?=]+(?=[?/=])", url)) 281 | 282 | # Test each potential parameter 283 | for potential_param in potential_params: 284 | # Add the potential parameter to the URL 285 | url_with_param = url + '?' + potential_param + '=' + 'test' 286 | 287 | # Test the URL for XSS vulnerabilities 288 | for i in xssPayload: 289 | try: 290 | i = i.strip() # Remove leading/trailing whitespaces, including newline characters 291 | istek = str(url_with_param[:esittirIndis + 1]) + str(i) 292 | icerik = requests.get(istek) 293 | if i in icerik.content: 294 | print("[+]XSS payload: ", str(i)) 295 | print("[+]XSS URL: ", istek) 296 | rapor = open(dosyaAdi, "a") 297 | raporIcerik = "[+]XSS payload: " + str(i) + "\n" 298 | raporIcerik += "[+]XSS URL: " + istek + "\n" 299 | rapor.write(raporIcerik) 300 | rapor.close() 301 | else: 302 | print("[-]XSS payload: ", str(i)) 303 | print("[-]XSS URL: ", istek) 304 | rapor = open(dosyaAdi, "a") 305 | raporIcerik = "[-]XSS payload: " + str(i) + "\n" 306 | raporIcerik += "[-]XSS URL: " + istek + "\n" 307 | rapor.write(raporIcerik) 308 | rapor.close() 309 | except Exception as e: 310 | print(f"An error occurred: {str(e)}") 311 | pass 312 | else: 313 | print("[-]XSS isn't available") 314 | rapor = open(dosyaAdi, "a") 315 | raporIcerik = "[-]no XSS vulnerability\n" 316 | rapor.write(raporIcerik) 317 | rapor.close() 318 | 319 | def crawl(url): 320 | crawl_dosya_path = "./wordlists/crawler.txt" 321 | links_file_name = f"./crawler/crawl_{urlparse(url).netloc}.txt" 322 | 323 | if os.path.exists(links_file_name): 324 | os.remove(links_file_name) 325 | 326 | with open(crawl_dosya_path, "r") as crawl_dosya: 327 | crawl_icerik = crawl_dosya.readlines() 328 | 329 | for index, path in enumerate(crawl_icerik, start=1): 330 | try: 331 | path = path.strip() 332 | crawl_site = urljoin(url, path) 333 | response = requests.get(crawl_site, verify=False) 334 | 335 | if response.status_code == 200: 336 | print("[+] Url:", crawl_site) 337 | 338 | with open(links_file_name, "a") as links_file: 339 | print("[+] Links:", crawl_site) 340 | links_file.write("[+] Links:" + crawl_site + "\n") 341 | 342 | if index % 10 == 0: # Check if 10 requests have been processed 343 | time.sleep(1) # Introduce a 1-second delay 344 | except Exception as e: 345 | print(f"Error processing URL {crawl_site}: {e}") 346 | 347 | def mail(url, dosyaAdi): 348 | istek = requests.get(url, verify=False) 349 | content_str = istek.content.decode('utf-8') # Convert content to string 350 | 351 | sonuc = re.findall(r'[\w.-]+@[\w.-]+\.\w+', content_str) 352 | 353 | for i in sonuc: 354 | print("[+] E-mail: ", str(i)) 355 | rapor = open(dosyaAdi, "a") 356 | raporIcerik = "[+] E-mail: " + str(i) + "\n" 357 | rapor.write(raporIcerik) 358 | rapor.close() 359 | 360 | 361 | def credit(url, dosyaAdi): 362 | istek = requests.get(url, verify=False) 363 | icerik = str(istek).split() 364 | icerikSon = str("".join(icerik)) 365 | AMEX = re.match(r"^3[47][0-9]{13}$", icerikSon) 366 | VISA = re.match(r"^4[0-9]{12}(?:[0-9]{3})?$", icerikSon) 367 | MASTERCARD = re.match(r"^5[1-5][0-9]{14}$", icerikSon) 368 | DISCOVER = re.match(r"^6(?:011|5[0-9]{2})[0-9]{12}$", icerikSon) 369 | try: 370 | if MASTERCARD.group(): 371 | print("Website has a Master Card!") 372 | print(MASTERCARD.group()) 373 | rapor = open(dosyaAdi, "a") 374 | raporIcerik = "Website has a Master Card!\n" 375 | raporIcerik += MASTERCARD.group() + "\n" 376 | rapor.write(raporIcerik) 377 | rapor.close() 378 | 379 | except: 380 | print("Website hasn't a Mastercard!") 381 | 382 | try: 383 | if VISA.group(): 384 | print("Website has a VISA card!") 385 | print(VISA.group()) 386 | rapor = open(dosyaAdi, "a") 387 | raporIcerik = "Website has a VISA card!\n" 388 | raporIcerik += VISA.group() + "\n" 389 | rapor.write(raporIcerik) 390 | rapor.close() 391 | except: 392 | print("Website hasn't a VISA card!") 393 | 394 | try: 395 | if AMEX.group(): 396 | print("Website has a AMEX card!") 397 | print(AMEX.group()) 398 | rapor = open(dosyaAdi, "a") 399 | raporIcerik = "Website has a AMEX card!\n" 400 | raporIcerik += AMEX.group() + "\n" 401 | rapor.write(raporIcerik) 402 | rapor.close() 403 | except: 404 | print("Website hasn't a AMEX card!") 405 | 406 | try: 407 | if DISCOVER.group(): 408 | print("Website has a payment methode!") 409 | print(DISCOVER.group()) 410 | rapor = open(dosyaAdi, "a") 411 | raporIcerik = "[+] Website has a payment methode!\n" 412 | raporIcerik += DISCOVER.group() + "\n" 413 | rapor.write(raporIcerik) 414 | rapor.close() 415 | except: 416 | print("Website has no credit card!") 417 | rapor = open(dosyaAdi, "a") 418 | raporIcerik = "[+] Website has no credit card payment methode!\n" 419 | rapor.write(raporIcerik) 420 | rapor.close() 421 | 422 | 423 | 424 | def link(url): 425 | isimSayi1 = url.find(".") 426 | isim = url[isimSayi1 + 1:] 427 | isimSayi2 = isim.find(".") 428 | isim = isim[:isimSayi2] 429 | 430 | istek = requests.get(url, verify=False) 431 | content_str = istek.content.decode('utf-8') # Convert content to string 432 | 433 | sonuc = re.findall( 434 | r"""(?i)\b((?:https?:(?:/{1,3}|[a-z0-9%])|[a-z0-9.\-]+[.](?:com|net|org|edu|gov|mil|aero|asia|biz|cat|coop|info|int|jobs|mobi|museum|name|post|pro|tel|travel|xxx|ac|ad|ae|af|ag|ai|al|am|an|ao|aq|ar|as|at|au|aw|ax|az|ba|bb|bd|be|bf|bg|bh|bi|bj|bm|bn|bo|br|bs|bt|bv|bw|by|bz|ca|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co|cr|cs|cu|cv|cx|cy|cz|dd|de|dj|dk|dm|do|dz|ec|ee|eg|eh|er|es|et|eu|fi|fj|fk|fm|fo|fr|ga|gb|gd|ge|gf|gg|gh|gi|gl|gm|gn|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie|il|im|in|io|iq|ir|is|it|je|jm|jo|jp|ke|kg|kh|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly|ma|mc|md|me|mg|mh|mk|ml|mm|mn|mo|mp|mq|mr|ms|mt|mu|mv|mw|mx|my|mz|na|nc|ne|nf|ng|ni|nl|no|np|nr|nu|nz|om|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|ps|pt|pw|py|qa|re|ro|rs|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|Ja|sk|sl|sm|sn|so|sr|ss|st|su|sv|sx|sy|sz|tc|td|tf|tg|th|tj|tk|tl|tm|tn|to|tp|tr|tt|tv|tw|tz|ua|ug|uk|us|uy|uz|va|vc|ve|vg|vi|vn|vu|wf|ws|ye|yt|yu|za|zm|zw)/)(?:[^\s()<>{}\[\]]+|$[^\s()]*?\([^\s()]+$[^\s()]*?\)|$[^\s]+?$)+(?:$[^\s()]*?\([^\s()]+$[^\s()]*?\)|$[^\s]+?$|[^\s`!()\[\]{};:'".,<>?«»“”‘’])|(?:(? then input will be open tag 37 | 38 | blacklist = ['html','body','br'] # These tags are normally empty thats why we are ignoring them 39 | whitelist = ['input', 'textarea'] # These tags are the top priority to break out from 40 | 41 | NUM_REFLECTIONS = 0 # Number of reflections 42 | OCCURENCE_NUM = 0 # Occurence number 43 | OCCURENCE_PARSED = 0 # Occurence parsed by the parser 44 | 45 | occur_number = [] 46 | occur_location = [] 47 | 48 | delay = 0 49 | 50 | tags = ['sVg', 'iMg', 'bOdY', 'd3v', 'deTails'] # HTML Tags 51 | 52 | event_handlers = { # Event handlers and the name of tags which can be used with them 53 | 'oNeRror': ['sVg', 'iMg', 'viDeo'], 54 | 'oNloAd': ['sVg', 'bOdY'], 55 | 'oNsTart': ['maRQuee'], 56 | 'oNMoUseOver': ['d3v', 'IfRame', 'bOdY'], 57 | 'oNfoCus': ['d3v', 'bOdY'], 58 | 'oNCliCk': ['d3v', 'bOdY'], 59 | 'oNMoUseOver': ['d3v', 'a', 'bOdY'], 60 | 'oNToggLe': ['deTails'] 61 | } 62 | 63 | functions = [ # JavaScript functions to get a popup 64 | '[8].find(alert)', 'confirm()', 65 | '(alert)()', 'co\u006efir\u006d()', 66 | '(prompt)``', 'a=prompt,a()'] 67 | 68 | # "Not so malicious" payloads for fuzzing 69 | fuzzes = ['', '', '', '', '', '', '

', 70 | '

', '', '', '', '', '', '', '', 71 | '', '', '', '

', '