diss

Website Vulnerability Scanning Site(XSS, Sql Injection, Path tarversal, OS Command Injection etc ...)

How to use

app.js를 실행하여 백엔드 서버를 작동시킴
해당하는 url로 접속후 원하는 공격 카테고리로 접근함(xss의 경우 fast, accurate 두가지 버전을 제공함 *fast의 경우 request 모듈만을 사용 -> 빠른 스캐닝 가능 but 오탐률 높아짐 *accurate의 경우 브라우저 컨트롤이 가능한 모듈을 사용 -> 스캐닝 느림 but 오탐률이 낮아짐)
점검을 하고 싶은 url을 입력 후 돋보기 버튼을 누름
스캐닝이 끝나면 결과창이 나옴

Name		Name	Last commit message	Last commit date
Latest commit History 164 Commits
build		build
config		config
controllers		controllers
how-to-use/images		how-to-use/images
models		models
router		router
static/js		static/js
.env		.env
.gitignore		.gitignore
README.md		README.md
app.js		app.js
asset-manifest.json		asset-manifest.json
crawl_depth.js		crawl_depth.js
db_info.txt		db_info.txt
favicon.ico		favicon.ico
form.txt		form.txt
form_textarea.txt		form_textarea.txt
index.html		index.html
manifest.json		manifest.json
os_command_injection_payload.txt		os_command_injection_payload.txt
package-lock.json		package-lock.json
package.json		package.json
path_traversal_test_site.txt		path_traversal_test_site.txt
pathtraversal_scan.js		pathtraversal_scan.js
project (2).zip		project (2).zip
project.zip		project.zip
reflected_accurate_xss_test_site.txt		reflected_accurate_xss_test_site.txt
reflected_xss_payload.txt		reflected_xss_payload.txt
site_tree.txt		site_tree.txt
sql_injection_payload.txt		sql_injection_payload.txt
sql_injection_test_site.txt		sql_injection_test_site.txt
stored_accurate_xss_test_site.txt		stored_accurate_xss_test_site.txt
stored_xss_payload.txt		stored_xss_payload.txt
xss_fast_scan_payload.txt		xss_fast_scan_payload.txt