Penetration testing

1. import sys
2. import os
3. import requests
4. import random
5. import time
6. import logging
7. from multiprocessing import cpu_count
8. from multiprocessing.dummy import Pool
9.  
10. # Logging setup
11. logging.basicConfig(filename='scanner.log', level=logging.INFO, format='%(asctime)s - %(message)s')
12.  
13. # Safety: Define the authorized list of sites
14. authorized_sites = ['example.com', 'testsite.com'] # Replace with real authorized sites
15.  
16. # Validate if a site is authorized
17. def is_authorized_site(site, authorized_sites):
18. return site in authorized_sites
19.  
20. # Safe request handling with retry on failure
21. def safe_request(url, headers, timeout=10):
22. try:
23. response = requests.get(url, headers=headers, verify=False, timeout=timeout)
24. return response
25. except requests.exceptions.RequestException as e:
26. logging.error(f"Error with request {url}: {e}")
27. return None
28.  
29. # Scan logic
30. def scan_site(site, headers):
31. domain = site.split('/')[0] # Extract domain
32. paths = ['path1', 'path2'] # List of paths to scan (e.g., common attack paths)
33. shell_signatures = ['shell_signature1', 'shell_signature2'] # List of known shell signatures
34.  
35. for path in paths:
36. url = f"http://{domain}/{path}"
37. response = safe_request(url, headers)
38. if response and any(sig in response.text for sig in shell_signatures):
39. logging.info(f"Shell found at {url}")
40. print(f"[+] Found shell at {url}")
41. return True # Exit on first match
42. time.sleep(random.uniform(1, 3)) # Throttling to prevent DoS
43. return False
44.  
45. # Main scanning function
46. def run_scanner(site):
47. if is_authorized_site(site, authorized_sites):
48. logging.info(f"Scanning {site}...")
49. headers = {'User-Agent': 'Mozilla/5.0'}
50. if not scan_site(site, headers):
51. logging.info(f"Failed to find shell at {site}")
52. print(f"[!] Failed to find shell at {site}")
53. else:
54. print(f"[!] Unauthorized site: {site}")
55.  
56. # Main script entry point
57. if __name__ == "__main__":
58. target_sites = ['example.com', 'testsite.com'] # Replace with actual target list
59. thread_count = cpu_count() * 2 # Number of threads to use
60. print(f"Using {thread_count} threads for scanning.")
61.  
62. pool = Pool(thread_count)
63. pool.map(run_scanner, target_sites)
64. pool.close()
65. pool.join()
66.  
67. print("[+] Scanning complete.")