LEFT SIDEBAR AD

Hidden in mobile, Best for skyscrapers.

Logsensor - A Powerful Sensor Tool To Discover Login Panels, And POST Form SQLi Scanning

10 months ago 138
BOOK THIS SPACE FOR AD
ARTICLE AD

A Powerful Sensor Tool to discover login panels, and POST Form SQLi Scanning

Features

login panel Scanning for multiple hosts Proxy compatibility (http, https) Login panel scanning are done in multiprocessing

so the script is super fast at scanning many urls

quick tutorial & screenshots are shown at the bottom
project contribution tips at the bottom

Installation

git clone https://github.com/Mr-Robert0/Logsensor.git
cd Logsensor && sudo chmod +x logsensor.py install.sh
pip install -r requirements.txt
./install.sh

Dependencies

re bs4 termcolor argparse tabulate requests

Quick Tutorial

1. Multiple hosts scanning to detect login panels

You can increase the threads (default 30) only run login detector module
python3 logsensor.py -f <subdomains-list>
python3 logsensor.py -f <subdomains-list> -t 50
python3 logsensor.py -f <subdomains-list> --login

2. Targeted SQLi form scanning

can provide only specifc url of login panel with --sqli or -s flag for run only SQLi form scanning Module turn on the proxy to see the requests customize user input name of login panel with actual name (default "username")
python logsensor.py -u www.example.com/login --sqli
python logsensor.py -u www.example.com/login -s --proxy http://127.0.0.1:8080
python logsensor.py -u www.example.com/login -s --inputname email

View help

Login panel Detector Module -s, --sqli run only POST Form SQLi Scanning Module with provided Login panels Urls -n , --inputname Customize actual username input for SQLi scan (e.g. 'username' or 'email') -t , --threads Number of threads (default 30) -h, --help Show this help message and exit " dir="auto">

python logsensor.py --help

usage: logsensor.py [-h --help] [--file ] [--url ] [--proxy] [--login] [--sqli] [--threads]

optional arguments:
-u , --url Target URL (e.g. http://example.com/ )
-f , --file Select a target hosts list file (e.g. list.txt )
--proxy Proxy (e.g. http://127.0.0.1:8080)
-l, --login run only Login panel Detector Module
-s, --sqli run only POST Form SQLi Scanning Module with provided Login panels Urls
-n , --inputname Customize actual username input for SQLi scan (e.g. 'username' or 'email')
-t , --threads Number of threads (default 30)
-h, --help Show this help message and exit

Screenshots

Development

TODO

adding "POST form SQli (Time based) scanning" and check for delay Fuzzing on Url Paths So as not to miss any login panel

Logsensor - A Powerful Sensor Tool To Discover Login Panels, And POST Form SQLi Scanning Logsensor - A Powerful Sensor Tool To Discover Login Panels, And POST Form SQLi Scanning Reviewed by Zion3R on 8:30 AM Rating: 5

Read Entire Article
  3. Logsensor - A Powerful Sensor Tool To Discover Login Panels, And POST Form SQLi Scanning

Related

File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add

File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add

Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests

Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests

Psobf - PowerShell Obfuscator

Psobf - PowerShell Obfuscator

DockerSpy - DockerSpy Searches For Images On Docker Hub And Extracts Sensitive Information Such As Authentication Secrets, Private Keys, And More

DockerSpy - DockerSpy Searches For Images On Docker Hub And Extracts Sensitive Information Such As Authentication Secrets, Private Keys, And More

Ashok - A OSINT Recon Tool, A.K.A Swiss Army Knife

Ashok - A OSINT Recon Tool, A.K.A Swiss Army Knife

VulnNodeApp - A Vulnerable Node.Js Application

VulnNodeApp - A Vulnerable Node.Js Application

Trending

1. Sports
2. Disney
3. Dubai
4. Coldplay Infinity tickets
5. Bengaluru Bulls
6. Rights
7. ICBM
8. Rishabh Pant
9. Yashasvi Jaiswal
10. KL Rahul

Popular

Install waybackurls on Kali Linux

Install waybackurls on Kali Linux

1-click RCE in Electron Applications

1-click RCE in Electron Applications

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Install DalFox on Kali Linux

Install DalFox on Kali Linux

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Autodesk Revit 2023 R1 Build 23.0.11.19 (x64) Multilingual + Crack

Autodesk Revit 2023 R1 Build 23.0.11.19 (x64) Multilingual + Crack

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

BOOK THIS SPACE FOR AD
RIGHT SIDEBAR BOTTOM AD
Bengali (Bangladesh) Bengali (Bangladesh) · English (United States) English (United States) ·
About Us · Terms & Condition · Contact Us
© Security Alert 2024. All rights are reserved