Listing Plugins
7a edited this page Sep 21, 2012 · 2 revisions
OWTF has many available plugins. You can list them using the "-l" option, followed by the plugin group (here "web"), like this:
./owtf.py -l web
__ ___
/\ \__ /'___\
___ __ __ _\ \ ,_\/\ \__/
/ __`\/\ \/\ \/\ \ \ \/\ \ ,__\
/\ \_\ \ \ \_/ \_/ \ \ \_\ \ \_/
\ \____/\ \___x___/'\ \__\\ \_\
\/___/ \/__//__/ \/__/ \/_/
OWASP OWTF, the Offensive (Web) Testing Framework, is an OWASP+PTES-focused try to unite great tools and make pen testing more efficient @owtfp http://owtf.org
Author: Abraham Aranguren <name.surname@gmail.com> - http://7-a.org - Twitter: @7a_
OWTF Version: 0.14 "London"
[*] Loading framework please wait..
[*] Loading Config from: /root/Work/OWTF/owtf_dev/profiles/general/default.cfg ..
[*] Loading Resources from: /root/Work/OWTF/owtf_dev/profiles/resources/default.cfg ..
[*] Loading web Plugin Order from: /root/Work/OWTF/owtf_dev/profiles/web_plugin_order/default.cfg ..
[*] SUCCESS: Integrity Check successful -> All tools were found
Short Intro:
Current Plugin Groups:
- web: For web assessments or when net plugins find a port that "speaks HTTP"
- net: For network assessments, discovery and port probing
- aux: Auxiliary plugins, to automate miscelaneous tasks
WEB Plugin Types:
- Passive Plugins: NO requests sent to target
- Semi Passive Plugins: SOME "normal/legitimate" requests sent to target
- Active Plugins: A LOT OF "bad" requests sent to target (You better have permission!)
- Grep Plugins: NO requests sent to target. 100% based on transaction searches and plugin output parsing. Automatically run after semi_passive and active in default profile.
Available WEB plugins:
[*]
[*] **************************************** Active Plugins ****************************************
[*] active: Application_Discovery______________________________(OWASP-IG-005)________Active probing for app discovery
[*] active: Arachni_Unauthenticated____________________________(OWTF-WVS-001)________Active Vulnerability Scanning without credentials via Arachni
[*] active: HTTP_Methods_and_XST_______________________________(OWASP-CM-008)________Active probing for HTTP methods
[*] active: Infrastructure_Configuration_Management____________(OWASP-CM-003)________Active Probing for fingerprint analysis
[*] active: Nikto_Unauthenticated______________________________(OWTF-WVS-002)________Active Vulnerability Scanning without credentials via nikto
[*] active: Old_Backup_and_Unreferenced_Files__________________(OWASP-CM-006)________Active probing for juicy files (DirBuster)
[*] active: Testing_for_SSL-TLS________________________________(OWASP-CM-001)________Active probing for SSL configuration
[*] active: Visit_URLs_________________________________________(OWTF-WSP-001)________Visit URLs found by other tools, some could be sensitive: need permission
[*] active: W3AF_Unauthenticated_______________________________(OWTF-WVS-004)________Active Vulnerability Scanning without credentials via w3af
[*] active: Wapiti_Unauthenticated_____________________________(OWTF-WVS-003)________Active Vulnerability Scanning without credentials via Wapiti
[*] active: Web_Application_Fingerprint________________________(OWASP-IG-004)________Active probing for fingerprint analysis
[*] active: Websecurify_Unauthenticated________________________(OWTF-WVS-005)________Active Vulnerability Scanning without credentials via Websecurify
[*]
[*] **************************************** External Plugins ****************************************
[*] external: AJAX_Vulnerabilities_____________________________(OWASP-AJ-001)________Plugin to assist manual testing
[*] external: Application_Configuration_Management_____________(OWASP-CM-004)________Plugin to assist manual testing
[*] external: Application_Discovery____________________________(OWASP-IG-005)________Plugin to assist manual testing
[*] external: Arachni_Unauthenticated__________________________(OWTF-WVS-001)________Plugin to assist manual testing
[*] external: Brute_Force_Testing______________________________(OWASP-AT-004)________Plugin to assist manual testing
[*] external: Bypassing_authentication_schema__________________(OWASP-AT-005)________Plugin to assist manual testing
[*] external: Bypassing_authorization_schema___________________(OWASP-AZ-002)________Plugin to assist manual testing
[*] external: Clickjacking_____________________________________(OWTF-WGP-001)________Plugin to assist manual testing
[*] external: Cookies_attributes_______________________________(OWASP-SM-002)________Plugin to assist manual testing
[*] external: CORS_____________________________________________(OWTF-WGP-002)________CORS Plugin to assist manual testing
[*] external: Credentials_transport_over_an_encrypted_channel__(OWASP-AT-001)________Plugin to assist manual testing
[*] external: DB_Listener_Testing______________________________(OWASP-CM-002)________Plugin to assist manual testing
[*] external: DOM_based_Cross_Site_Scripting___________________(OWASP-DV-003)________Plugin to assist manual testing
[*] external: DoS_Failure_to_Release_Resources_________________(OWASP-DS-007)________Plugin to assist manual testing
[*] external: DoS_User_Specified_Object_Allocation_____________(OWASP-DS-004)________Plugin to assist manual testing
[*] external: Exposed_Session_Variables________________________(OWASP-SM-004)________Plugin to assist manual testing
[*] external: How_to_test_AJAX_________________________________(OWASP-AJ-002)________Plugin to assist manual testing
[*] external: HTTP_GET_parameters_REST_Testing_________________(OWASP-WS-005)________Plugin to assist manual testing
[*] external: HTTP_Methods_and_XST_____________________________(OWASP-CM-008)________Plugin to assist manual testing
[*] external: Identify_application_entry_points________________(OWASP-IG-003)________Plugin to assist manual testing
[*] external: IMAP_SMTP_Injection______________________________(OWASP-DV-011)________Plugin to assist manual testing
[*] external: Infrastructure_Configuration_Management__________(OWASP-CM-003)________Plugin to assist manual testing
[*] external: Logout_and_Browser_Cache_Management______________(OWASP-AT-007)________Plugin to assist manual testing
[*] external: Multiple_Factors_Authentication__________________(OWASP-AT-009)________Plugin to assist manual testing
[*] external: Naughty_SOAP_attachments_________________________(OWASP-WS-006)________Plugin to assist manual testing
[*] external: Nikto_Unauthenticated____________________________(OWTF-WVS-002)________Plugin to assist manual testing
[*] external: Old_Backup_and_Unreferenced_Files________________(OWASP-CM-006)________Plugin to assist manual testing
[*] external: Race_Conditions__________________________________(OWASP-AT-010)________Plugin to assist manual testing
[*] external: Reflected_Cross_Site_Scripting___________________(OWASP-DV-001)________Plugin to assist manual testing
[*] external: Search_engine_discovery_reconnaissance___________(OWASP-IG-002)________Plugin to assist manual testing
[*] external: Session_Management_Schema________________________(OWASP-SM-001)________Plugin to assist manual testing
[*] external: Spiders_Robots_and_Crawlers______________________(OWASP-IG-001)________Plugin to assist manual testing
[*] external: Stored_Cross_Site_Scripting______________________(OWASP-DV-002)________Plugin to assist manual testing
[*] external: Storing_too_Much_Data_in_Session_________________(OWASP-DS-008)________Plugin to assist manual testing
[*] external: Testing_for_Admin_Interfaces_____________________(OWASP-CM-007)________Plugin to assist manual testing
[*] external: Testing_for_Buffer_overflow______________________(OWASP-DV-014)________Plugin to assist manual testing
[*] external: Testing_for_Captcha______________________________(OWASP-AT-008)________Plugin to assist manual testing
[*] external: Testing_for_Code_Injection_______________________(OWASP-DV-012)________Plugin to assist manual testing
[*] external: Testing_for_Command_Injection____________________(OWASP-DV-013)________Plugin to assist manual testing
[*] external: Testing_for_Cross_site_flashing__________________(OWASP-DV-004)________Cross Site Flashing Plugin to assist manual testing
[*] external: Testing_for_CSRF_________________________________(OWASP-SM-005)________Plugin to assist manual testing
[*] external: Testing_for_DoS_Buffer_Overflows_________________(OWASP-DS-003)________Plugin to assist manual testing
[*] external: Testing_for_DoS_Locking_Customer_Accounts________(OWASP-DS-002)________Plugin to assist manual testing
[*] external: Testing_for_Error_Code___________________________(OWASP-IG-006)________Plugin to assist manual testing
[*] external: Testing_for_File_Extensions_Handling_____________(OWASP-CM-005)________Plugin to assist manual testing
[*] external: Testing_for_Guessable_User_Account_______________(OWASP-AT-003)________Plugin to assist manual testing
[*] external: Testing_for_HTTP_Splitting_Smuggling_____________(OWASP-DV-016)________Plugin to assist manual testing
[*] external: Testing_for_incubated_vulnerabilities____________(OWASP-DV-015)________Plugin to assist manual testing
[*] external: Testing_for_LDAP_Injection_______________________(OWASP-DV-006)________Plugin to assist manual testing
[*] external: Testing_for_ORM_Injection________________________(OWASP-DV-007)________Plugin to assist manual testing
[*] external: Testing_for_path_traversal_______________________(OWASP-AZ-001)________Plugin to assist manual testing
[*] external: Testing_for_Privilege_Escalation_________________(OWASP-AZ-003)________Plugin to assist manual testing
[*] external: Testing_for_Session_Fixation_____________________(OWASP-SM-003)________Plugin to assist manual testing
[*] external: Testing_for_SQL_Injection________________________(OWASP-DV-005)________Plugin to assist manual testing
[*] external: Testing_for_SQL_Wildcard_Attacks_________________(OWASP-DS-001)________Plugin to assist manual testing
[*] external: Testing_for_SSI_Injection________________________(OWASP-DV-009)________Plugin to assist manual testing
[*] external: Testing_for_SSL-TLS______________________________(OWASP-CM-001)________Plugin to assist manual testing
[*] external: Testing_for_user_enumeration_____________________(OWASP-AT-002)________Plugin to assist manual testing
[*] external: Testing_for_XML_Injection________________________(OWASP-DV-008)________XML Injection Plugin to assist manual testing
[*] external: Testing_for_XPath_Injection______________________(OWASP-DV-010)________Plugin to assist manual testing
[*] external: Testing_WSDL_____________________________________(OWASP-WS-002)________Plugin to assist manual testing
[*] external: User_Input_as_a_Loop_Counter_____________________(OWASP-DS-005)________Plugin to assist manual testing
[*] external: Visit_URLs_______________________________________(OWTF-WSP-001)________Plugin to assist manual testing
[*] external: Vulnerable_Remember_Password_and_Pwd_Reset_______(OWASP-AT-006)________Plugin to assist manual testing
[*] external: W3AF_Unauthenticated_____________________________(OWTF-WVS-004)________Plugin to assist manual testing
[*] external: Wapiti_Unauthenticated___________________________(OWTF-WVS-003)________Plugin to assist manual testing
[*] external: Web_Application_Fingerprint______________________(OWASP-IG-004)________Plugin to assist manual testing
[*] external: Websecurify_Unauthenticated______________________(OWTF-WVS-005)________Plugin to assist manual testing
[*] external: Writing_User_Provided_Data_to_Disk_______________(OWASP-DS-006)________Plugin to assist manual testing
[*] external: WS_Information_Gathering_________________________(OWASP-WS-001)________Plugin to assist manual testing
[*] external: WS_Replay_Testing________________________________(OWASP-WS-007)________Plugin to assist manual testing
[*] external: XML_Content-level_Testing________________________(OWASP-WS-004)________Plugin to assist manual testing
[*] external: XML_Structural_Testing___________________________(OWASP-WS-003)________Plugin to assist manual testing
[*]
[*] **************************************** Grep Plugins ****************************************
[*] grep: Application_Configuration_Management_________________(OWASP-CM-004)________Searches transaction DB for comments
[*] grep: Clickjacking_________________________________________(OWTF-WGP-001)________Searches transaction DB for Clickjacking protections
[*] grep: Cookies_attributes___________________________________(OWASP-SM-002)________Searches transaction DB for Cookie attributes
[*] grep: CORS_________________________________________________(OWTF-WGP-002)________Searches transaction DB for Cross Origin Resource Sharing headers
[*] grep: Credentials_transport_over_an_encrypted_channel______(OWASP-AT-001)________Searches transaction DB for credentials protections
[*] grep: DoS_Failure_to_Release_Resources_____________________(OWASP-DS-007)________Searches transaction DB for timing information
[*] grep: Logout_and_Browser_Cache_Management__________________(OWASP-AT-007)________Searches transaction DB for Cache snooping protections
[*] grep: Old_Backup_and_Unreferenced_Files____________________(OWASP-CM-006)________Searches transaction DB for juicy files
[*] grep: Reflected_Cross_Site_Scripting_______________________(OWASP-DV-001)________Searches transaction DB for XSS protections
[*] grep: Testing_for_CSRF_____________________________________(OWASP-SM-005)________Searches transaction DB for CSRF protections
[*] grep: Testing_for_SSI_Injection____________________________(OWASP-DV-009)________Searches transaction DB for SSI directives
[*] grep: Testing_for_SSL-TLS__________________________________(OWASP-CM-001)________Searches transaction DB for SSL protections
[*] grep: Vulnerable_Remember_Password_and_Pwd_Reset___________(OWASP-AT-006)________Searches transaction DB for autocomplete protections
[*] grep: Web_Application_Fingerprint__________________________(OWASP-IG-004)________Searches transaction DB for fingerprint traces
[*]
[*] **************************************** Passive Plugins ****************************************
[*] passive: Application_Discovery_____________________________(OWASP-IG-005)________Third party discovery resources
[*] passive: HTTP_Methods_and_XST______________________________(OWASP-CM-008)________Third party resources
[*] passive: Old_Backup_and_Unreferenced_Files_________________(OWASP-CM-006)________Google Hacking for juicy files
[*] passive: Search_engine_discovery_reconnaissance____________(OWASP-IG-002)________General Google Hacking/Email harvesting, etc
[*] passive: Spiders_Robots_and_Crawlers_______________________(OWASP-IG-001)________robots.txt analysis through third party sites
[*] passive: Testing_for_Admin_Interfaces______________________(OWASP-CM-007)________Google Hacking for Admin interfaces
[*] passive: Testing_for_Captcha_______________________________(OWASP-AT-008)________Google Hacking for CAPTCHA
[*] passive: Testing_for_Cross_site_flashing___________________(OWASP-DV-004)________Google Hacking for Cross Site Flashing
[*] passive: Testing_for_Error_Code____________________________(OWASP-IG-006)________Google Hacking for Error codes
[*] passive: Testing_for_SQL_Injection_________________________(OWASP-DV-005)________Google Hacking for SQLi
[*] passive: Testing_for_SSL-TLS_______________________________(OWASP-CM-001)________Third party resources
[*] passive: Web_Application_Fingerprint_______________________(OWASP-IG-004)________Third party resources and fingerprinting suggestions
[*] passive: WS_Information_Gathering__________________________(OWASP-WS-001)________Google Hacking/Third party sites for Web Services
[*]
[*] **************************************** Semi-Passive Plugins ****************************************
[*] semi_passive: HTTP_Methods_and_XST_________________________(OWASP-CM-008)________Normal request for HTTP methods analysis
[*] semi_passive: Search_engine_discovery_reconnaissance_______(OWASP-IG-002)________Metadata analysis
[*] semi_passive: Session_Management_Schema____________________(OWASP-SM-001)________Normal requests to gather session managament info
[*] semi_passive: Spiders_Robots_and_Crawlers__________________(OWASP-IG-001)________Normal request for robots.txt analysis
[*] semi_passive: Testing_for_Cross_site_flashing______________(OWASP-DV-004)________Normal requests for XSF analysis
[*] semi_passive: Web_Application_Fingerprint__________________(OWASP-IG-004)________Normal requests to gather fingerprint info