├── .gitignore
├── modules
    ├── clickjacking.py
    ├── samplexsrf.py
    ├── twitterxsrf.py
    └── fbxsrf.py
├── burpy.py
├── README.md
├── rawweb.py
├── core.py
└── LICENSE


/.gitignore:
--------------------------------------------------------------------------------
 1 | *.py[cod]
 2 | 
 3 | # C extensions
 4 | *.so
 5 | 
 6 | # Packages
 7 | *.egg
 8 | *.egg-info
 9 | dist
10 | build
11 | eggs
12 | parts
13 | bin
14 | var
15 | sdist
16 | develop-eggs
17 | .installed.cfg
18 | lib
19 | lib64
20 | 
21 | # Installer logs
22 | pip-log.txt
23 | 
24 | # Unit test / coverage reports
25 | .coverage
26 | .tox
27 | nosetests.xml
28 | 
29 | # Translations
30 | *.mo
31 | 
32 | # Mr Developer
33 | .mr.developer.cfg
34 | .project
35 | .pydevproject
36 | 


--------------------------------------------------------------------------------
/modules/clickjacking.py:
--------------------------------------------------------------------------------
 1 | from rawweb import *
 2 | def main(raw_stream,ssl):
 3 | 	title = [
 4 | 		 "Possible Click Jacking",		#Test title for report when test is successfull
 5 | 		"No XFO in Response Headers"		# Brief description of test how you are manipulating the request(Will help you to repoduce issues)
 6 | 		]
 7 | 	raw = RawWeb(raw_stream)
 8 | 	final = raw.addheaders({'Fun':'Fun'})#okay
 9 | 	result = raw.fire(ssl)
10 | 	#result[0] => 200	=> Integer
11 | 	#result[1] => OK	=> String
12 | 	#result[2] => Respheaders => dict
13 | 	#result[3] => body	=> string
14 | 	if 'x-frame-options' in result[2]:
15 | 		# If test result -ve return false
16 | 		return "FALSE"
17 | 		#return res.status,res.reason,res_headers,self.craft_res(res.getheaders(),res.read())
18 | 		#return title,final,result[0],result[1],result[2],result[3]
19 | 	else:
20 | 		# If false only send False
21 | 		#return "FALSE"
22 | 		return title,final,result[0],result[1],result[2],result[3]
23 | 


--------------------------------------------------------------------------------
/modules/samplexsrf.py:
--------------------------------------------------------------------------------
 1 | from rawweb import *
 2 | def main(raw_stream,ssl):				# create a mail subroutine (mandatory)
 3 | 	title = ["Possible XSRF",		  #Test title for reporting when test is successful
 4 | 		      "Removed XSRF token from request"]# Brief description of test how you are manipulating the request(Will help you to reproduce issues)
 5 | 	raw = RawWeb(raw_stream)			# Initiate rawweb library
 6 | 	raw.addheaders({'Header1':'Value1'})  # Add new headers to that request
 7 | 	raw.removeheaders(['Referrer'])			  # Remove Referrer header if exist in raw request
 8 | 	final = raw.removeparameter("auth_token")	# final will hold the final request to be fired.(For reporting)
 9 | 	result = raw.fire(ssl)				
10 | 	#result[0] => 200	=> Integer
11 | 	#result[1] => OK	=> String
12 | 	#result[2] => Response headers => dictionary
13 | 	#result[3] => body	=> string
14 | 	if 'csrf error' in result[3]:
15 | 		# Generic CSRF error is in response body. Hence return "FALSE"
16 | 		return "FALSE"
17 | 	else:
18 | 		# As the generic csrf error is not present in body, treat this as suspicious and +ve result.
19 | 		return title,final,result[0],result[1],result[2],result[3]
20 | 


--------------------------------------------------------------------------------
/modules/twitterxsrf.py:
--------------------------------------------------------------------------------
 1 | from rawweb import *
 2 | def main(raw_stream,ssl):
 3 | 	'''
 4 | 	This Burpy module is specially written to find CSRF vulnerability in Twitter Application.
 5 | 	It has already found few minor and one major CSRF vulnerability in Twitter.
 6 | 	It simply checks whether CSRF token validation is present in Server Side or not by removing token from request and replaying it.
 7 | 	Twitter application always shows a generic error message for CSRF error which is "Your account may not be allowed to perform this action."
 8 | 	If this error is not present in response after removing the token it returns +ve.
 9 | 	
10 | 	These Twitter Bugs were found using this Burpy Plugin:
11 | 
12 | 	http://www.debasish.in/2013/09/hacking-twitter-for-fun.html
13 | 	http://www.debasish.in/2013/09/twitter-xsrf-vulnerability-thanks-to.html
14 | 	
15 | 	
16 | 	'''
17 | 	title = [
18 | 		 "Possible XSRF",		#Please don't add <script>/ html tags here and report XSS :P
19 | 		"CSRF Token Removed from Request"
20 | 		]
21 | 	csrf_error = "Your account may not be allowed to perform this action."	# 
22 | 	raw = RawWeb(raw_stream)
23 | 	if "authenticity_token" in raw_stream:		# Check if request contains any CSRF token or not
24 | 		raw.removeparameter("authenticity_token")	# Use rawweb api to remove the parameter from request
25 | 	else:
26 | 		return "FALSE"			#CSRF token not present in request
27 | 	result = raw.fire(ssl)
28 | 	if csrf_error in result[3]:		# If the CSRF error presnt in response body, Everythng is fine, return false
29 | 		# validation there
30 | 		return "FALSE"
31 | 	else:
32 | 		# If false only send False
33 | 		return title,final,result[0],result[1],result[2],result[3]	# Else return the crafted request
34 | 


--------------------------------------------------------------------------------
/modules/fbxsrf.py:
--------------------------------------------------------------------------------
 1 | from rawweb import *
 2 | def main(raw_stream,ssl):
 3 | 	'''
 4 | 	This Burpy module is specially written to find CSRF vulnerability in Facebook Application.
 5 | 	It has already found few minor CSRF vulnerability in FB application. Few them was qualifed for Bug Bounty.
 6 | 	It simply checks whether CSRF token validation is present in Server Side or not by removing token from request and replaying it.
 7 | 	Facebook application always shows a generic error message for CSRF error which is "Please try closing and re-opening your browser"
 8 | 	If this error is not present in response after removing the token it returns +ve.
 9 | 	'''
10 | 	title = [
11 | 		 "Possible XSRF",		#Please don't add <script>/ html tags here and report XSS :P
12 | 		"CSRF Token (fb_dtsg) Removed from Raw Request"
13 | 		]
14 | 	csrf_error = "Please try closing and re-opening your browser"	# 
15 | 	raw = RawWeb(raw_stream)
16 | 	if "fb_dtsg" in raw_stream:		# Check if request contains any CSRF token or not
17 | 		final = raw.removeparameter("fb_dtsg")	# Use rawweb api to remove the parameter from request
18 | 	else:
19 | 		return "FALSE"			#CSRF token not present in request
20 | 	result = raw.fire(ssl)
21 | 	#result[0] => 200
22 | 	#result[1] => OK
23 | 	#result[2] => Respheaders => dict
24 | 	#result[3] => body
25 | 	if csrf_error in result[3]:		# If the CSRF error presnt in response body, Everythng is fine, return false
26 | 		if result[0] != 500:
27 | 		# validation there
28 | 		# If test positive return True,reponse header , response body.
29 | 		#return res.status,res.reason,res_headers,self.craft_res(res.getheaders(),res.read())
30 | 			return "FALSE"
31 | 		else:
32 | 			return title,final,result[0],result[1],result[2],result[3]
33 | 	else:
34 | 		# If false only send False
35 | 		return title,final,result[0],result[1],result[2],result[3]	# Else return the crafted request
36 | 


--------------------------------------------------------------------------------
/burpy.py:
--------------------------------------------------------------------------------
 1 | import core
 2 | 
 3 | def initiate(dict_req_resp):
 4 | 	'''
 5 | 	Script initiate.Write the initial part of report
 6 | 	'''
 7 | 	print '[+] Found '+str(len(dict_req_resp))+" request from Porvided Burp Log..."
 8 | 	raw_input('[+] Press Enter to start Test___')
 9 | 	print '[+] Starting Test..'
10 | 	report_head = core.part1.replace('{number}',str(len(dict_req_resp))).replace('{target}',core.target_domain)
11 | 	report = open('Report.html','w')
12 | 	report.write(report_head)
13 | 	report.close()
14 | 	# Iterate through all req/response
15 | 	for item in dict_req_resp:
16 | 		if base.gerequestinfo(item,"Host") == core.target_domain:# Check whether request in in test scope
17 | 			for testcase in moduledict:#execute all modules test Case
18 | 				result = moduledict[testcase](item,core.ssl)
19 | 				#if +ve then
20 | 				#result[0] => Test Title
21 | 				#result[1] => Final Crafted Resposne
22 | 				#result[2] => reason
23 | 				#result[3] => response code
24 | 				#result[4] => dict of response headers
25 | 				#result[5] => Response body
26 | 				if len(result) > 5:
27 | 					# Test case true
28 | 					print '[+] Test Result Positive'
29 | 					base.write_report(result[0],result[2],result[3],item,result[1],result[4],result[5])
30 | 					#def write_report(self,title,res_reason,res_code,base_request,crafted_request,res_head_dict,latest_response):
31 | 				else:
32 | 					print '[+] Test Result Negative'
33 | 		else:
34 | 			print '[+] Skipping....Request not associated with ',core.target_domain
35 | 	print '[+] Test Completed...Report.html Generated'
36 | 	report = open('Report.html','a')# When test done, Close the report.
37 | 	report.write(core.part3)
38 | 	report.close()
39 | 
40 | if __name__ == '__main__':
41 | 	base = core.Core()
42 | 	base.banner()
43 | 	base.cmd_option()
44 | 	result = base.parse_log(core.burp_suite_log)
45 | 	global target
46 | 	target = core.target_domain
47 | 	moduledict = base.loadallmodules()
48 | 	initiate(result)
49 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | Burpy v0.1
 2 | ===========
 3 | 
 4 | This portable python tool,parses Burp Suite (http://portswigger.net) log and performs 
 5 | series of tests and finally generate HTML report.
 6 | 
 7 | 
 8 | 		debasish@debasish:~/burpy$ python burpy.py 
 9 | 
10 |                          ____                                             ___  __ 
11 |                         |  _ \                                           / _ \/_ |
12 |                         | |_) |_   _ _ __ _ __  _   _   ______  __   __ | | | || |
13 |                         |  _ <| | | | '__| '_ \| | | | |______| \ \ / / | | | || |
14 |                         | |_) | |_| | |  | |_) | |_| |           \ V /  | |_| || |
15 |                         |____/ \__,_|_|  | .__/ \__, |            \_/    \___(_)_|
16 |                                          | |     __/ |                            
17 |                                          |_|    |___/      
18 | 
19 |                   Burpy v0.1 Portable and Flexible Web Application Security Scanner
20 |                         Author : Debasish Mandal (http://www.debasish.in)
21 | 		[+] Error!! You have missed a mandatory option
22 | 
23 | 		Usage: burpy.py [options]
24 | 		
25 | 		Options:
26 |     		-h, --help         show this help message and exit
27 |     		-t TARGET_DOMAIN   Target/Scan Scope domain - Its mandatory option
28 |     		-l BURP_SUITE_LOG  Full path to burp suite log - Its mandatory option
29 |     		-s SSL             Use of SSL on or off - Its mandatory option
30 | 		debasish@debasish:~/burpy$ 
31 | 
32 | 
33 | 
34 | I have included one raw http request manipulation library (rawweb.py) here.
35 | Using this library you can easily manipulate (Add remove headers , parameter ,change methods) raw 
36 | http requests on the fly.
37 | 
38 | You can easily write your own module specific to any web application. 
39 | 
40 | One example is given below.
41 | 
42 | Below mentioned burpy module adds a new header to any request, remove Referrer header and csrf token from 
43 | request and fire the request.If generic CSRF error is returned, it means token validation is present in 
44 | server side. If server respond is a different manner it log this crafted request in html report.
45 | 
46 | https://github.com/debasishm89/burpy/blob/master/modules/samplexsrf.py
47 | 
48 | 
49 | And this is how the final report looks.
50 | 
51 | 		http://onlyhtmlfiles.appspot.com/static/Sample_Burpy_Report.html
52 | 
53 | I've used twitter Bootstrap library to design this final report.
54 | 
55 | Following Bugs were found using Burpy:
56 | 
57 |                          http://www.debasish.in/2013/09/hacking-twitter-for-fun.html
58 |                          http://www.debasish.in/2013/09/twitter-xsrf-vulnerability-thanks-to.html
59 |                          http://www.debasish.in/2013/10/fuzzing-facebook-for-using-burpy.html
60 | 
61 | Mail me any feature request , Bug @ debasishm89 [@] gmail.com
62 | 
63 | 
64 | **Update**
65 | I've been receiving many issues / errors with this prototype of burpy. Right now I'm unable to maintain this project due to other priorities and limited bandwidth. Sorry about that :(
66 | 


--------------------------------------------------------------------------------
/rawweb.py:
--------------------------------------------------------------------------------
  1 | import httplib
  2 | import re
  3 | import StringIO
  4 | import gzip
  5 | 
  6 | class RawWeb:
  7 | 	def __init__(self,raw):
  8 | 		try:
  9 | 			raw = raw.decode('utf8')
 10 | 		except Exception,e:
 11 | 			raw = raw
 12 | 		global headers,method,body,path
 13 | 		headers = {}
 14 | 		sp = raw.split('\n\n',1)
 15 | 		if len(sp) > 1:
 16 | 			head = sp[0]
 17 | 			body = sp[1]
 18 | 		else :
 19 | 			head = sp[0]
 20 | 			body = ""
 21 | 		c1 = head.split('\n',head.count('\n'))
 22 | 		method = c1[0].split(' ',2)[0]
 23 | 		path = c1[0].split(' ',2)[1]
 24 | 		for i in range(1, head.count('\n')+1):
 25 | 			slice1 = c1[i].split(': ',1)
 26 | 			if slice1[0] != "":
 27 | 				headers[slice1[0]] = slice1[1]
 28 | 	def rebuild(self,method,path,code,headers,body):
 29 | 		raw_stream = method+" "+path+" "+code+"\n"
 30 | 		# start adding header
 31 | 		for key in headers:
 32 | 			raw_stream += key + ": "+headers[key]+"\n"
 33 | 		raw_stream += "\n"+body
 34 | 		return raw_stream
 35 | 	def addheaders(self,new_header):
 36 | 		#add header
 37 | 		for key in new_header:
 38 | 			headers[key] = new_header[key]
 39 | 		return self.rebuild(method,path,"HTTP/1.1",headers,body)
 40 | 	def removeheaders(self,rem_headers):
 41 | 		#remove headers
 42 | 		for i in range(0,len(rem_headers)):
 43 | 			if rem_headers[i] in headers:
 44 | 				del headers[rem_headers[i]]
 45 | 		return self.rebuild(method,path,"HTTP/1.1",headers,body)
 46 | 	def addparameters(self,new_params):
 47 | 		#add params
 48 | 		new_body = body[:-1]
 49 | 		for key in new_params:
 50 |                         new_body += "&" + key + "=" + new_params[key]
 51 | 		return self.rebuild(method,path,"HTTP/1.1",headers,new_body)
 52 | 	def removeparameter(self,del_param):
 53 | 		rx = '(^|&)' + del_param + '=[^&]*'
 54 | 		new_body = re.sub(rx, '', body)
 55 | 		global body
 56 | 		body = new_body
 57 | 		return self.rebuild(method,path,"HTTP/1.1",headers,new_body)
 58 | 	def changemethod(self):
 59 | 		#url = ""
 60 | 		url = path
 61 | 		if method == "POST":
 62 | 			#method = "GET"
 63 | 			if "Content-Type" in headers:
 64 | 				del headers['Content-Type']
 65 | 			if "=" in url:
 66 | 				url += "&"
 67 | 			else:
 68 | 				url += "?"
 69 | 			url += body[:-1]
 70 | 			global path,method,body
 71 | 			body = ""
 72 | 			method = "GET"
 73 | 			path = url
 74 | 			return self.rebuild("GET",url,"HTTP/1.1",headers,body)
 75 | 		else:
 76 | 			headers ['Content-Type'] = 'application/x-www-form-urlencoded'
 77 | 			a = url.split('?',1)
 78 | 			url = a[0]
 79 | 			global path,method,body
 80 | 			method = "POST"
 81 | 			path = url
 82 | 			body = a[1]
 83 | 			return self.rebuild("POST",url,"HTTP/1.1",headers,body)
 84 | 	def craft_res(self,res_head,res_body):
 85 | 		'''
 86 | 		if response data is gzip encoded this function detectes that and decode that compressed data
 87 | 		'''
 88 | 		for i in range(0,len(res_head)):
 89 | 			e1 =  res_head[i]
 90 | 			if e1[1] == "gzip":
 91 | 				res_body = self.decode_gzip(res_body)
 92 | 		return res_body	# Return the respionse body
 93 | 	def decode_gzip(self,compresseddata):
 94 | 		'''
 95 | 		Accepts gzip compressde data and returns clear text data.
 96 | 		'''
 97 | 		compressedstream = StringIO.StringIO(compresseddata)
 98 | 		gzipper = gzip.GzipFile(fileobj = compressedstream)
 99 | 		return gzipper.read()
100 | 	def fire(self,ssl):
101 | 		if len(path) > 70:
102 | 			print '[+]',method,path[:100]+"..."
103 | 		else:
104 | 			print '[+]',method,path
105 | 		if ssl == "on":
106 | 			con = httplib.HTTPSConnection(headers['Host'])
107 | 		else:
108 | 			con = httplib.HTTPConnection(headers['Host'])
109 | 		try:
110 | 			con.request(method,path,body,headers)
111 | 			res = con.getresponse()
112 | 		except Exception,e:
113 | 			return 'Error','Error',{},'Error'
114 | 			print '[+] Connectivity Issue '
115 | 		#make response dict
116 | 		res_headers = {}
117 | 		for i in range(0,len(res.getheaders())):
118 | 			res_headers[res.getheaders()[i][0]] = res.getheaders()[i][1]
119 | 		return res.status,res.reason,res_headers,self.craft_res(res.getheaders(),res.read())
120 | 


--------------------------------------------------------------------------------
/core.py:
--------------------------------------------------------------------------------
  1 | from xml.etree import ElementTree as ET
  2 | import httplib
  3 | import urllib
  4 | from difflib import SequenceMatcher
  5 | import string
  6 | import random
  7 | import optparse
  8 | import cgi
  9 | import glob
 10 | import imp
 11 | ########################################
 12 | global part1
 13 | global part3
 14 | part1 = '''<!DOCTYPE html><html><head><meta charset="utf-8" /><title>Burpy Version - 0.1 Test Report</title><link href="http://www.w3resource.com/twitter-bootstrap/twitter-bootstrap-v2/docs/assets/css/bootstrap.css" rel="stylesheet" type="text/css" /></head><body><div class="well span12 offset1"><h1>Burpy v0.1 Report</h1></br><p><b>Author </b>: <a href="http://www.debasish.in/">Debasish Mandal</a></p><p><b>Total Number of Request(s) Tested </b>: {number}</br><b>Scan Scope : </b>{target}</br></div><div class="well span12 offset1"><div class="container-fluid"><div class="accordion" id="accordion2"></div>'''
 15 | part2 = '''<div class="accordion-group"><div class="accordion-heading"><a class="accordion-toggle" data-toggle="collapse" data-parent="#accordion2" href="#{col_id}">{title}</a></div><div id="{col_id}" class="accordion-body collapse" style="height: 0px; "><div class="accordion-inner">{response}</div></div></div>'''
 16 | part3 = '''</div></div></div><script type="text/javascript" src="http://www.w3resource.com/twitter-bootstrap/twitter-bootstrap-v2/docs/assets/js/jquery.js"></script><script type="text/javascript" src="http://www.w3resource.com/twitter-bootstrap/twitter-bootstrap-v2/docs/assets/js/bootstrap-collapse.js"></script></body></html>'''
 17 | class Core:
 18 | 	'''
 19 | 	This class holds the core components of Burpy
 20 | 	'''
 21 | 	def banner(self):
 22 | 		'''
 23 | 		Print this banner on start up.
 24 | 		'''
 25 | 		print '''
 26 | 			 ____		                                  ___  __ 
 27 | 			|  _ \                                           / _ \/_ |
 28 | 			| |_) |_   _ _ __ _ __  _   _   ______  __   __ | | | || |
 29 | 			|  _ <| | | | '__| '_ \| | | | |______| \ \ / / | | | || |
 30 | 			| |_) | |_| | |  | |_) | |_| |           \ V /  | |_| || |
 31 | 			|____/ \__,_|_|  | .__/ \__, |            \_/    \___(_)_|
 32 | 					 | |     __/ |                            
 33 | 					 |_|    |___/      		
 34 | 		'''
 35 | 		print '                  Burpy v0.1 Portable and Flexible Web Application Security Scanner'
 36 | 		print '                        Author : Debasish Mandal (http://www.debasish.in)'
 37 | 	def cmd_option(self):
 38 | 		'''
 39 | 		Parse Options
 40 | 		'''
 41 | 		global target_domain
 42 | 		global burp_suite_log
 43 | 		global ssl
 44 | 		parser = optparse.OptionParser()
 45 | 		parser.add_option('-t', type="string",help='Target/Scan Scope domain - Its mandatory option', dest='target_domain')
 46 | 		parser.add_option('-l', type="string",help='Full path to burp suite log - Its mandatory option', dest='burp_suite_log')
 47 | 		parser.add_option('-s', type="string",help='Use of SSL on or off - Its mandatory option', dest='SSL')
 48 | 		(opts, args) = parser.parse_args()
 49 | 		burp_suite_log = opts.burp_suite_log
 50 | 		target_domain = opts.target_domain
 51 | 		ssl = opts.SSL
 52 | 		mandatories = ['target_domain','burp_suite_log','SSL']
 53 | 		for m in mandatories:
 54 | 			if not opts.__dict__[m]:
 55 | 				print "[+] Error!! You have missed a mandatory option\n"
 56 | 				parser.print_help()
 57 | 				exit(-1)
 58 | 	def id_generator(self,size=6, chars=string.ascii_uppercase + string.digits):
 59 | 		'''
 60 | 		Generate random string.
 61 | 		this Random String fuinction copied from :-> http://stackoverflow.com/questions/2257441/python-random-string-generation-with-upper-case-letters-and-digits
 62 | 		'''
 63 | 		return ''.join(random.choice(chars) for x in range(size))
 64 | 
 65 | 	def write_report(self,title,res_reason,res_code,base_request,crafted_request,res_head_dict,latest_response):
 66 | 		'''
 67 | 		When any test result is positive, Use this routine to write the raw request to html report.Cud not make it more simple.
 68 | 		'''
 69 | 		latest_response = cgi.escape(latest_response)
 70 | 		base_request = base_request.replace('\n','</br>')
 71 | 		crafted_request = crafted_request.replace('\n','</br>')
 72 | 		HOST = target_domain
 73 | 		url = self.gerequestinfo(base_request,"path")
 74 | 		if len(url) > 50:
 75 | 			path_u = url[:50]+"..."
 76 | 		else:
 77 | 			path_u = url
 78 | 		raw_resp = "HTTP/1.1 " + str(res_reason) +" "+ res_code + "</br>"
 79 | 		for ele in res_head_dict:
 80 | 			raw_resp += ele + ": " + res_head_dict[ele] + "</br>"
 81 | 		raw_resp += "</br>"+latest_response
 82 | 		try:
 83 | 			raw = "<b>Base Request</b></br>"+base_request+"</br></br><b>Crafted Request&nbsp;&nbsp;&nbsp;["+title[1]+"]</b></br></br>"+crafted_request+"</br><b>Live Response</b></br>"+raw_resp
 84 | 		except Exception, e:
 85 | 			raw += "<b>One Exception Occured while parsing the response..</b>"
 86 | 		report = open('Report.html','a')
 87 | 		final = part2.replace('{response}',raw).replace('{col_id}',self.id_generator()).replace('{title}',"<b>http(s)://"+HOST+path_u+"</b>["+title[0]+"]")# Exactly I don't have any idea why i'm using random numebr to locate bootstarp collaps, but its 2.30 AM and i gotta compelet this code today 
 88 | 		try:
 89 | 			report.write(final)
 90 | 		except Exception,e:
 91 | 			print '[+] Just handled one unicode conversion Error.In Some cases it faces an Unicode Error'
 92 | 		report.close()
 93 | 	def difference(self,cont1,cont2):
 94 | 		'''
 95 | 		Simple function to Compute diff percentage of two data sets.
 96 | 		'''
 97 | 		m = SequenceMatcher(None, cont1, cont2)
 98 | 		return m.ratio()*100
 99 | 
100 | 	def parse_log(self,log_path):
101 | 		'''
102 | 		This fucntion accepts burp log file path.
103 | 		and returns a dict. of request and response
104 | 		result = {'GET /page.php...':'200 OK HTTP / 1.1....','':'',.....}
105 | 		'''
106 | 		result = {}
107 | 		try:
108 | 			with open(log_path): pass
109 | 		except IOError:
110 | 			print "[+] Error!!! ",log_path,"doesn't exist.."
111 | 			exit()
112 | 		try:
113 | 			tree = ET.parse(log_path)
114 | 		except Exception, e:
115 | 			print '[+] Opps..!Please make sure binary data is not present in Log, Like raw image dump,flash(.swf files) dump etc'
116 | 			exit()
117 | 		root = tree.getroot()
118 | 		for reqs in root.findall('item'):
119 | 			raw_req = reqs.find('request').text
120 | 			raw_req = urllib.unquote(raw_req).decode('utf8')
121 | 			raw_resp = reqs.find('response').text
122 | 			result[raw_req] = raw_resp
123 | 		return result
124 | 	def gerequestinfo(self,raw_stream,query):
125 | 		headers = {}
126 | 		sp = raw_stream.split('\n\n',1)
127 | 		if len(sp) > 1:
128 | 			head = sp[0]
129 | 			body = sp[1]
130 | 		else :
131 | 			head = sp[0]
132 | 			body = ""
133 | 		c1 = head.split('\n',head.count('\n'))
134 | 		method = c1[0].split(' ',2)[0]
135 | 		path = c1[0].split(' ',2)[1]
136 | 		if query == "path":
137 | 			return path
138 | 		for i in range(1, head.count('\n')+1):
139 | 			slice1 = c1[i].split(': ',1)
140 | 			if slice1[0] != "":
141 | 				headers[slice1[0]] = slice1[1]
142 | 		return headers[query]
143 | 	def loadallmodules(self):
144 | 		avlbl_mods = {}
145 | 		mods = glob.glob("modules/*.py")
146 | 		for mod in mods:
147 | 			print '[+] \t\tLoaded...',mod
148 | 			try:
149 | 				modl = imp.load_source('main', mod)
150 | 				avlbl_mods[self.id_generator()] = modl.main
151 | 			except Exception,e:
152 | 				print '[+] Error!! Could not import ',mod
153 | 		return avlbl_mods
154 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
  1 | GNU GENERAL PUBLIC LICENSE
  2 |                        Version 2, June 1991
  3 | 
  4 |  Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
  5 |  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
  6 |  Everyone is permitted to copy and distribute verbatim copies
  7 |  of this license document, but changing it is not allowed.
  8 | 
  9 |                             Preamble
 10 | 
 11 |   The licenses for most software are designed to take away your
 12 | freedom to share and change it.  By contrast, the GNU General Public
 13 | License is intended to guarantee your freedom to share and change free
 14 | software--to make sure the software is free for all its users.  This
 15 | General Public License applies to most of the Free Software
 16 | Foundation's software and to any other program whose authors commit to
 17 | using it.  (Some other Free Software Foundation software is covered by
 18 | the GNU Lesser General Public License instead.)  You can apply it to
 19 | your programs, too.
 20 | 
 21 |   When we speak of free software, we are referring to freedom, not
 22 | price.  Our General Public Licenses are designed to make sure that you
 23 | have the freedom to distribute copies of free software (and charge for
 24 | this service if you wish), that you receive source code or can get it
 25 | if you want it, that you can change the software or use pieces of it
 26 | in new free programs; and that you know you can do these things.
 27 | 
 28 |   To protect your rights, we need to make restrictions that forbid
 29 | anyone to deny you these rights or to ask you to surrender the rights.
 30 | These restrictions translate to certain responsibilities for you if you
 31 | distribute copies of the software, or if you modify it.
 32 | 
 33 |   For example, if you distribute copies of such a program, whether
 34 | gratis or for a fee, you must give the recipients all the rights that
 35 | you have.  You must make sure that they, too, receive or can get the
 36 | source code.  And you must show them these terms so they know their
 37 | rights.
 38 | 
 39 |   We protect your rights with two steps: (1) copyright the software, and
 40 | (2) offer you this license which gives you legal permission to copy,
 41 | distribute and/or modify the software.
 42 | 
 43 |   Also, for each author's protection and ours, we want to make certain
 44 | that everyone understands that there is no warranty for this free
 45 | software.  If the software is modified by someone else and passed on, we
 46 | want its recipients to know that what they have is not the original, so
 47 | that any problems introduced by others will not reflect on the original
 48 | authors' reputations.
 49 | 
 50 |   Finally, any free program is threatened constantly by software
 51 | patents.  We wish to avoid the danger that redistributors of a free
 52 | program will individually obtain patent licenses, in effect making the
 53 | program proprietary.  To prevent this, we have made it clear that any
 54 | patent must be licensed for everyone's free use or not licensed at all.
 55 | 
 56 |   The precise terms and conditions for copying, distribution and
 57 | modification follow.
 58 | 
 59 |                     GNU GENERAL PUBLIC LICENSE
 60 |    TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
 61 | 
 62 |   0. This License applies to any program or other work which contains
 63 | a notice placed by the copyright holder saying it may be distributed
 64 | under the terms of this General Public License.  The "Program", below,
 65 | refers to any such program or work, and a "work based on the Program"
 66 | means either the Program or any derivative work under copyright law:
 67 | that is to say, a work containing the Program or a portion of it,
 68 | either verbatim or with modifications and/or translated into another
 69 | language.  (Hereinafter, translation is included without limitation in
 70 | the term "modification".)  Each licensee is addressed as "you".
 71 | 
 72 | Activities other than copying, distribution and modification are not
 73 | covered by this License; they are outside its scope.  The act of
 74 | running the Program is not restricted, and the output from the Program
 75 | is covered only if its contents constitute a work based on the
 76 | Program (independent of having been made by running the Program).
 77 | Whether that is true depends on what the Program does.
 78 | 
 79 |   1. You may copy and distribute verbatim copies of the Program's
 80 | source code as you receive it, in any medium, provided that you
 81 | conspicuously and appropriately publish on each copy an appropriate
 82 | copyright notice and disclaimer of warranty; keep intact all the
 83 | notices that refer to this License and to the absence of any warranty;
 84 | and give any other recipients of the Program a copy of this License
 85 | along with the Program.
 86 | 
 87 | You may charge a fee for the physical act of transferring a copy, and
 88 | you may at your option offer warranty protection in exchange for a fee.
 89 | 
 90 |   2. You may modify your copy or copies of the Program or any portion
 91 | of it, thus forming a work based on the Program, and copy and
 92 | distribute such modifications or work under the terms of Section 1
 93 | above, provided that you also meet all of these conditions:
 94 | 
 95 |     a) You must cause the modified files to carry prominent notices
 96 |     stating that you changed the files and the date of any change.
 97 | 
 98 |     b) You must cause any work that you distribute or publish, that in
 99 |     whole or in part contains or is derived from the Program or any
100 |     part thereof, to be licensed as a whole at no charge to all third
101 |     parties under the terms of this License.
102 | 
103 |     c) If the modified program normally reads commands interactively
104 |     when run, you must cause it, when started running for such
105 |     interactive use in the most ordinary way, to print or display an
106 |     announcement including an appropriate copyright notice and a
107 |     notice that there is no warranty (or else, saying that you provide
108 |     a warranty) and that users may redistribute the program under
109 |     these conditions, and telling the user how to view a copy of this
110 |     License.  (Exception: if the Program itself is interactive but
111 |     does not normally print such an announcement, your work based on
112 |     the Program is not required to print an announcement.)
113 | 
114 | These requirements apply to the modified work as a whole.  If
115 | identifiable sections of that work are not derived from the Program,
116 | and can be reasonably considered independent and separate works in
117 | themselves, then this License, and its terms, do not apply to those
118 | sections when you distribute them as separate works.  But when you
119 | distribute the same sections as part of a whole which is a work based
120 | on the Program, the distribution of the whole must be on the terms of
121 | this License, whose permissions for other licensees extend to the
122 | entire whole, and thus to each and every part regardless of who wrote it.
123 | 
124 | Thus, it is not the intent of this section to claim rights or contest
125 | your rights to work written entirely by you; rather, the intent is to
126 | exercise the right to control the distribution of derivative or
127 | collective works based on the Program.
128 | 
129 | In addition, mere aggregation of another work not based on the Program
130 | with the Program (or with a work based on the Program) on a volume of
131 | a storage or distribution medium does not bring the other work under
132 | the scope of this License.
133 | 
134 |   3. You may copy and distribute the Program (or a work based on it,
135 | under Section 2) in object code or executable form under the terms of
136 | Sections 1 and 2 above provided that you also do one of the following:
137 | 
138 |     a) Accompany it with the complete corresponding machine-readable
139 |     source code, which must be distributed under the terms of Sections
140 |     1 and 2 above on a medium customarily used for software interchange; or,
141 | 
142 |     b) Accompany it with a written offer, valid for at least three
143 |     years, to give any third party, for a charge no more than your
144 |     cost of physically performing source distribution, a complete
145 |     machine-readable copy of the corresponding source code, to be
146 |     distributed under the terms of Sections 1 and 2 above on a medium
147 |     customarily used for software interchange; or,
148 | 
149 |     c) Accompany it with the information you received as to the offer
150 |     to distribute corresponding source code.  (This alternative is
151 |     allowed only for noncommercial distribution and only if you
152 |     received the program in object code or executable form with such
153 |     an offer, in accord with Subsection b above.)
154 | 
155 | The source code for a work means the preferred form of the work for
156 | making modifications to it.  For an executable work, complete source
157 | code means all the source code for all modules it contains, plus any
158 | associated interface definition files, plus the scripts used to
159 | control compilation and installation of the executable.  However, as a
160 | special exception, the source code distributed need not include
161 | anything that is normally distributed (in either source or binary
162 | form) with the major components (compiler, kernel, and so on) of the
163 | operating system on which the executable runs, unless that component
164 | itself accompanies the executable.
165 | 
166 | If distribution of executable or object code is made by offering
167 | access to copy from a designated place, then offering equivalent
168 | access to copy the source code from the same place counts as
169 | distribution of the source code, even though third parties are not
170 | compelled to copy the source along with the object code.
171 | 
172 |   4. You may not copy, modify, sublicense, or distribute the Program
173 | except as expressly provided under this License.  Any attempt
174 | otherwise to copy, modify, sublicense or distribute the Program is
175 | void, and will automatically terminate your rights under this License.
176 | However, parties who have received copies, or rights, from you under
177 | this License will not have their licenses terminated so long as such
178 | parties remain in full compliance.
179 | 
180 |   5. You are not required to accept this License, since you have not
181 | signed it.  However, nothing else grants you permission to modify or
182 | distribute the Program or its derivative works.  These actions are
183 | prohibited by law if you do not accept this License.  Therefore, by
184 | modifying or distributing the Program (or any work based on the
185 | Program), you indicate your acceptance of this License to do so, and
186 | all its terms and conditions for copying, distributing or modifying
187 | the Program or works based on it.
188 | 
189 |   6. Each time you redistribute the Program (or any work based on the
190 | Program), the recipient automatically receives a license from the
191 | original licensor to copy, distribute or modify the Program subject to
192 | these terms and conditions.  You may not impose any further
193 | restrictions on the recipients' exercise of the rights granted herein.
194 | You are not responsible for enforcing compliance by third parties to
195 | this License.
196 | 
197 |   7. If, as a consequence of a court judgment or allegation of patent
198 | infringement or for any other reason (not limited to patent issues),
199 | conditions are imposed on you (whether by court order, agreement or
200 | otherwise) that contradict the conditions of this License, they do not
201 | excuse you from the conditions of this License.  If you cannot
202 | distribute so as to satisfy simultaneously your obligations under this
203 | License and any other pertinent obligations, then as a consequence you
204 | may not distribute the Program at all.  For example, if a patent
205 | license would not permit royalty-free redistribution of the Program by
206 | all those who receive copies directly or indirectly through you, then
207 | the only way you could satisfy both it and this License would be to
208 | refrain entirely from distribution of the Program.
209 | 
210 | If any portion of this section is held invalid or unenforceable under
211 | any particular circumstance, the balance of the section is intended to
212 | apply and the section as a whole is intended to apply in other
213 | circumstances.
214 | 
215 | It is not the purpose of this section to induce you to infringe any
216 | patents or other property right claims or to contest validity of any
217 | such claims; this section has the sole purpose of protecting the
218 | integrity of the free software distribution system, which is
219 | implemented by public license practices.  Many people have made
220 | generous contributions to the wide range of software distributed
221 | through that system in reliance on consistent application of that
222 | system; it is up to the author/donor to decide if he or she is willing
223 | to distribute software through any other system and a licensee cannot
224 | impose that choice.
225 | 
226 | This section is intended to make thoroughly clear what is believed to
227 | be a consequence of the rest of this License.
228 | 
229 |   8. If the distribution and/or use of the Program is restricted in
230 | certain countries either by patents or by copyrighted interfaces, the
231 | original copyright holder who places the Program under this License
232 | may add an explicit geographical distribution limitation excluding
233 | those countries, so that distribution is permitted only in or among
234 | countries not thus excluded.  In such case, this License incorporates
235 | the limitation as if written in the body of this License.
236 | 
237 |   9. The Free Software Foundation may publish revised and/or new versions
238 | of the General Public License from time to time.  Such new versions will
239 | be similar in spirit to the present version, but may differ in detail to
240 | address new problems or concerns.
241 | 
242 | Each version is given a distinguishing version number.  If the Program
243 | specifies a version number of this License which applies to it and "any
244 | later version", you have the option of following the terms and conditions
245 | either of that version or of any later version published by the Free
246 | Software Foundation.  If the Program does not specify a version number of
247 | this License, you may choose any version ever published by the Free Software
248 | Foundation.
249 | 
250 |   10. If you wish to incorporate parts of the Program into other free
251 | programs whose distribution conditions are different, write to the author
252 | to ask for permission.  For software which is copyrighted by the Free
253 | Software Foundation, write to the Free Software Foundation; we sometimes
254 | make exceptions for this.  Our decision will be guided by the two goals
255 | of preserving the free status of all derivatives of our free software and
256 | of promoting the sharing and reuse of software generally.
257 | 
258 |                             NO WARRANTY
259 | 
260 |   11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
261 | FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
262 | OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
263 | PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
264 | OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
265 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
266 | TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
267 | PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
268 | REPAIR OR CORRECTION.
269 | 
270 |   12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
271 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
272 | REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
273 | INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
274 | OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
275 | TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
276 | YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
277 | PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
278 | POSSIBILITY OF SUCH DAMAGES.
279 | 
280 |                      END OF TERMS AND CONDITIONS
281 | 
282 |             How to Apply These Terms to Your New Programs
283 | 
284 |   If you develop a new program, and you want it to be of the greatest
285 | possible use to the public, the best way to achieve this is to make it
286 | free software which everyone can redistribute and change under these terms.
287 | 
288 |   To do so, attach the following notices to the program.  It is safest
289 | to attach them to the start of each source file to most effectively
290 | convey the exclusion of warranty; and each file should have at least
291 | the "copyright" line and a pointer to where the full notice is found.
292 | 
293 |     Portable and flexible web application security assessment tool.It parses Burp Suite log and performs few tests and generate HTML report.
294 |     Copyright (C) 2013  Debasish Mandal
295 | 
296 |     This program is free software; you can redistribute it and/or modify
297 |     it under the terms of the GNU General Public License as published by
298 |     the Free Software Foundation; either version 2 of the License, or
299 |     (at your option) any later version.
300 | 
301 |     This program is distributed in the hope that it will be useful,
302 |     but WITHOUT ANY WARRANTY; without even the implied warranty of
303 |     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
304 |     GNU General Public License for more details.
305 | 
306 |     You should have received a copy of the GNU General Public License along
307 |     with this program; if not, write to the Free Software Foundation, Inc.,
308 |     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
309 | 
310 | Also add information on how to contact you by electronic and paper mail.
311 | 
312 | If the program is interactive, make it output a short notice like this
313 | when it starts in an interactive mode:
314 | 
315 |     Gnomovision version 69, Copyright (C) year name of author
316 |     Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
317 |     This is free software, and you are welcome to redistribute it
318 |     under certain conditions; type `show c' for details.
319 | 
320 | The hypothetical commands `show w' and `show c' should show the appropriate
321 | parts of the General Public License.  Of course, the commands you use may
322 | be called something other than `show w' and `show c'; they could even be
323 | mouse-clicks or menu items--whatever suits your program.
324 | 
325 | You should also get your employer (if you work as a programmer) or your
326 | school, if any, to sign a "copyright disclaimer" for the program, if
327 | necessary.  Here is a sample; alter the names:
328 | 
329 |   Yoyodyne, Inc., hereby disclaims all copyright interest in the program
330 |   `Gnomovision' (which makes passes at compilers) written by James Hacker.
331 | 
332 |   {signature of Ty Coon}, 1 April 1989
333 |   Ty Coon, President of Vice
334 | 
335 | This General Public License does not permit incorporating your program into
336 | proprietary programs.  If your program is a subroutine library, you may
337 | consider it more useful to permit linking proprietary applications with the
338 | library.  If this is what you want to do, use the GNU Lesser General
339 | Public License instead of this License.
340 | 


--------------------------------------------------------------------------------