-
Notifications
You must be signed in to change notification settings - Fork 237
Home
$ pip install cansina
If you want to try cansina in a separate virtual environment just create it before instalation:
$ python3 -m venv venv
Activate environment
$ source venv/bin/activate
Now just install as above.
Options for add user/pass, cookie authentication, etc -> Authentication
Options for modifying request at HTTP level, like proxy, persistent connection, threads, personalized User-Agent, etc -> Requests
Options for processing payloads, like path recursion, adding an extension, inspect for a particular interesting content, etc -> Payload
Options for filtering responses, like skipping 403 code, nasty false 200 codes, list of sizes not interesting, etc -> Filtering
Options for modifying console output, like show content type or full path -> Output
There are two mandatory parameters: '-u' with the target URL and '-p' with the desired payload.
$ cansina -u <target> -p <payload>
It will start cansina with 4 threads and will ban 404 code responses from GET requests.
This is a very basic shoot. A previous careful manual inspection is recommended in order to fine tuning arguments and reduce false positives.
You can also used the standard out using '-' in case you want to preprocess the payloads, for example sorting them or cat a couple of files:
$ cat <payload.txt> | sort | cansina -u <target> -p -
You can explore the results later with a tree view
$ cansina -V <sqlite_file>
Resume last interrupted session with all options and payload with former linenumber.
$ cansina -r <resume_file>
If your work finished suddenly or you just ctrl-c, give it the line number and cansina will start again in that place.
$ cansina -i <target> -p <payload> --line <n>