web-vulnerability-scanner/manual.py at main · sanjib2006/web-vulnerability-scanner · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
from termcolor import cprint

def print_header(text):
    cprint(text, 'yellow', attrs=['bold'])

def print_section(header, content):
    cprint(header, 'cyan', attrs=['bold'])
    print(content)
    print()

def print_input_section(header, description, example_input, expected_output):
    cprint(header, 'magenta', attrs=['bold'])
    print(f"Description: {description}")
    print(f"Example Input: {example_input}")
    print(f"Expected Output: {expected_output}")
    print()

def run_manual():
    print_header("Web Vulnerability Scanner - Feature Inputs")

    # Network Scanner Input Section
    print_section("1. Network (Port) Scanner",
                  "Scans open ports on a target domain/IP address to identify potential vulnerabilities.")
    print_input_section("Inputs:",
                        "Domain name or IP address of the target, along with a port range to scan.",
                        "Example Input: 'example.com', '80-100'",
                        "Expected Output: List of open ports, such as 'Port 80: Open', 'Port 443: Open'")

    # Subdomain Enumeration Input Section
    print_section("2. Subdomain Enumeration",
                  "Detects subdomains associated with the given target domain.")
    print_input_section("Inputs:",
                        "The domain name of the target website.",
                        "Example Input: 'example.com'",
                        "Expected Output: List of detected subdomains, such as 'www.example.com', 'mail.example.com'")

    # Directory Listing Input Section
    print_section("3. Directory Listing",
                  "Enumerates hidden or accessible directories using wordlists.")
    print_input_section("Inputs:",
                        "Domain name of the target website.",
                        "Example Input: 'example.com'",
                        "Expected Output: List of discovered directories, such as 'example.com/admin', 'example.com/images'")

    # SQL Injection Input Section
    print_section("4. SQL Injection Detection",
                  "Detects potential SQL injection vulnerabilities in web applications.")
    print_input_section("Inputs:",
                        "The URL where input data is sent (e.g., form submission), and the parameter ID for input fields (HTML element IDs).",
                        "Example Input: 'http://example.com/login', 'username'",
                        "Expected Output: Printed payloads and their corresponding responses, such as '[!] SQL Injection Detected'")

    # XSS Detection Input Section
    print_section("5. XSS Detection",
                  "Detects potential Cross-Site Scripting (XSS) vulnerabilities.")
    print_input_section("Inputs:",
                        "The URL of the web application and the type of input (URL-based GET or POST-based).",
                        "Example Input: 'http://example.com/search', 'query'",
                        "Expected Output: Printed payloads and their corresponding responses, such as '[!] XSS Detected'")

    # Brute Force Input Section
    print_section("6. Brute Force Attack Simulation",
                  "Simulates a brute force attack on authentication systems using common passwords.")
    print_input_section("Inputs:",
                        "The URL of the login form, the username or email field, and the password field.",
                        "Example Input: 'http://example.com/login', 'username', 'password'",
                        "Expected Output: If successful, prints the correct password, such as 'Password found: 12345'")

    # End of Man Page
    cprint("End of Feature Inputs", 'red', attrs=['bold'])


if __name__ == "__main__":
    run_manual()