-
Notifications
You must be signed in to change notification settings - Fork 4
Expand file tree
/
Copy pathvulnerability_template.py
More file actions
49 lines (35 loc) · 19 KB
/
Copy pathvulnerability_template.py
File metadata and controls
49 lines (35 loc) · 19 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
import requests
import json
import argparse
file = open("config.json", "r")
data = json.load(file)
file.close()
USER_ID = data['USER_ID']
API_TOKEN = data['API_TOKEN']
API_ROOT = data['API_ROOT']
AUTH = (USER_ID, API_TOKEN)
def vulnerability_template():
endpoint_url = API_ROOT % "vulnerability/template"
parser = argparse.ArgumentParser(description='Gets the vulnerability template using given vulnerability type.')
parser.add_argument('-r', '-repoid', type=str, help='Report Policy ID')
parser.add_argument('-t', '-type', type=str, choices=['Custom', 'None', 'HighlyPossibleSqlInjection', 'Xss', 'PossibleXss', 'PermanentXss', 'PossiblePermanentXss', 'InternalServerError', 'ForbiddenResource', 'PassiveVulns', 'PossibleBlindSqlInjection', 'NtlmAuthrizationRequired', 'BasicAuthorisationRequired', 'DigestAuthorizationRequired', 'ClearTextBasicAuth', 'ConfirmedBlindSqlInjection', 'PossibleSqlInjection', 'ConfirmedSqlInjection', 'FileUploadFound', 'AutoCompleteEnabled', 'PasswordOverHttp', 'PasswordFormOverHttp', 'InternalIPLeakage', 'CookieNotMarkedAsSecure', 'CookieNotMarkedAsHttpOnly', 'ConfirmedBooleanSqlInjection', 'PossibleBooleanSqlInjection', 'PasswordToHttp', 'CommandInjection', 'BlindCommandInjection', 'PossibleBlindCommandInjection', 'HeaderInjection', 'MySqlIdentified', 'MsSqlIdentified', 'MsAccessIdentified', 'DbConnectedAsAdmin', 'AspNetIdentified', 'AspNetVersionDisclosure', 'IisDirectoryListing', 'ApacheDirectoryListing', 'TomcatDirectoryListing', 'PhpSourceCodeDisclosure', 'AspNetSourceCodeDisclosure', 'GenericSourceCodeDisclosure', 'PossibleInternalUnixPathLeakage', 'MsOfficeDocumentInformationDisclosure', 'PhpInfoIdentified', 'PossibleLocalFileInclusion', 'OracleIdentified', 'PostgreSqlIdentified', 'HighPossibilityLfi', 'Lfi', 'PossibleInternalWindowsPathLeakage', 'EmailDisclosure', 'SocialSecurityNumberDisclosure', 'ApacheVersionDisclosure', 'TomcatVersionDisclosure', 'PhpVersionDisclosure', 'IisVersionDisclosure', 'WebLogicVersionDisclosure', 'LighttpdVersionDisclosure', 'SharePointVersionDisclosure', 'ApacheCoyoteVersionDisclosure', 'OracleApplicationServerVersionDisclosure', 'OpenSslVersionDisclosure', 'ApacheModuleVersionDisclosure', 'PerlVersionDisclosure', 'FrontPageVersionDisclosure', 'PythonVersionDisclosure', 'JavaServletVersionDisclosure', 'SitemapIdentified', 'CrossDomainXml', 'RobotsIdentified', 'SpecialCase', 'SpecialCaseNoCookies', 'SpecialCaseNoBasicAuthentication', 'ApacheServerStatus', 'ApacheServerInfo', 'ClientAccessPolicy', 'OpenCrossDomainXml', 'OpenClientAccessPolicy', 'HighPossibleBooleanSqlInjection', 'DatabaseErrorMessages', 'ProgrammingErrorMessages', 'ApacheMultiViewsEnabled', 'BackupFileFound', 'BackupSourceCodeFound', 'TraceTrackIdentified', 'TraceaxdFound', 'ElmahaxdFound', 'AspNetDebugEnabled', 'LfiCodeInclusion', 'AspNetStackTrace', 'SvnDisclosure', 'GitDisclosure', 'CvsDisclosure', 'Rfi', 'PossibleRfi', 'PossibleCi', 'XssViaRfi', 'RceAsp', 'PossibleRceAsp', 'RcePhp', 'PossibleRcePhp', 'RcePerl', 'PossibleRcePerl', 'ViewStateMacNotEnabled', 'ViewStateNotEncrypted', 'ViewStateAnalyzer', 'OpenRedirect', 'TomcatExceptionReport', 'DjangoStackTraceDisclosure', 'Struts2DevModeEnabled', 'AspNetDirectoryListing', 'MySqlUsernameDisclosure', 'MsSqlUsernameDisclosure', 'WinUsernameDisclosure', 'RceViaLfi', 'XssProtectionDisabled', 'MdbFound', 'WeakCredentials', 'PythonStackTraceDisclosure', 'ColdFusionStackTraceDisclosure', 'DefaultIis7Page', 'DefaultIis6Page', 'DefaultApachePage', 'SinatraStackTraceDisclosure', 'SqliteFound', 'OutlookFileFound', 'DsStoreFileFound', 'FrameInjection', 'DefaultTomcatPage', 'TomcatSourceCodeDisclosure', 'WebBackdoorIdentified', 'PassiveWebBackdoorIdentified', 'PossibleAdminFile', 'PossibleConfigFile', 'PossibleReadmeFile', 'PossibleInstallationFile', 'PossibleLogFile', 'PossibleSqlFile', 'PossibleTestFile', 'TomcatOutOfDate', 'ApacheOutOfDate', 'MsSqlOutOfDate', 'MySqlOutOfDate', 'PhpOutOfDate', 'OpenSslOutOfDate', 'RedirectBodyTooLarge', 'RedirectTwoResponses', 'SslVersion2Support', 'WeakCiphersDetected', 'AnonAuthDetected', 'WeakSignatureAlgorithmDetected', 'InvalidSslCertificate', 'SslVersion3Support', 'IntermediateWeakSignatureAlgorithmDetected', 'MvcVersionDisclosure', 'MongrelVersionDisclosure', 'NginxVersionDisclosure', 'MySQLDoSDetected', 'GrailsStackTraceDisclosure', 'PossibleElInjection', 'ElInjection', 'ApacheMyFacesStackTraceDisclosure', 'PasswordOverQuerystring', 'ColdFusionSourceCodeDisclosure', 'AWStatsIdentified', 'MintIdentified', 'PiwikIdentified', 'WSFTPLogFileIdentified', 'WebConfigIdentified', 'LigHTTPDDirectoryListing', 'NginxDirectoryListing', 'LiteSpeedDirectoryListing', 'GenericEmailDisclosure', 'DefaultIis8Page', 'ShellScriptIdentified', 'PossibleDatabaseConnectionStringIdentified', 'UNCServerAndShareDisclosure', 'HstsNotEnabled', 'HstsMaxAge', 'HstsViaHttp', 'HstsErrors', 'WordPressOutOfDate', 'DrupalOutOfDate', 'JoomlaOutOfDate', 'MediaWikiOutOfDate', 'MovableTypeOutOfDate', 'OscommerceOutOfDate', 'PhpBBOutOfDate', 'TWikiOutOfDate', 'WordPressIdentified', 'DrupalIdentified', 'JoomlaIdentified', 'MediaWikiIdentified', 'MovableTypeIdentified', 'OscommerceIdentified', 'PhpBBIdentified', 'TWikiIdentified', 'RceRorXml', 'RceRorJson', 'PossibleRceRorXml', 'PossibleRceRorJson', 'VersionDisclosureModSsl', 'PHPMyAdminIdentified', 'WebalizerIdentified', 'VersionDisclosureRuby', 'VersionDisclosureWebrick', 'OptionsMethodEnabled', 'WebDavEnabled', 'WebDavDirectoryHasWritePermissions', 'CodeExecutionViaWebDav', 'WebDavDirectoryListing', 'CsrfDetected', 'CsrfInLoginFormDetected', 'CookieLeakageInAntiCsrfTokenDetected', 'MisconfiguredFrame', 'InsecureFrameExternal', 'DomBasedXss', 'NuSoapVersionDisclosure', 'NuSoapOutOfDate', 'AutoCompleteEnabledPasswordField', 'NginxOutOfDate', 'PerlSourceCodeDisclosure', 'PythonSourceCodeDisclosure', 'RubySourceCodeDisclosure', 'JavaSourceCodeDisclosure', 'OpenSslHeartbleedVulnerability', 'NginxIdentified', 'ApacheIdentified', 'JavaStackTraceDisclosure', 'MissingXFrameOptionsHeader', 'MissingContentTypeHeader', 'CommandInjectionShellshock', 'PossibleReflectedFileDownload', 'InsecureJsonpEndpoint', 'InsecureReflectedContent', 'MisconfiguredAccessControlOrigin', 'PassiveMixedContent', 'Teapot', 'PossibleXxe', 'Xxe', 'UnrestrictedFileUpload', 'CodeExecutionViaFileUpload', 'PossibleCreditCardDisclosure', 'RsaPrivateKeyDetected', 'RceInHttpSys', 'OpenRedirectInPost', 'FormHijacking', 'BaseTagHijacking', 'WindowsShortFilename', 'RorDatabaseConfigurationFileDetected', 'RorDevelopmentModeEnabled', 'RorVersionDisclosure', 'RubyGemsVersionDisclosure', 'RubyGemsOutOfDate', 'RubyOutOfDate', 'RorOutOfDate', 'PythonOutOfDate', 'PerlOutOfDate', 'DjangoDebugModeEnabled', 'DjangoVersionDisclosure', 'DjangoOutOfDate', 'PhpLiteAdminIdentified', 'AdminerIdentified', 'MicrosoftIisLogFileIdentified', 'PhpMoAdminIdentified', 'DbNinjaIdentified', 'LaravelEnvironmentConfigurationFileDetected', 'LaravelDebugModeEnabled', 'LaravelStackTraceDisclosure', 'SublimeSftpConfigFileDetected', 'RorStackTraceDisclosure', 'JqueryOutOfDate', 'JqueryMigrateOutOfDate', 'JqueryMobileOutOfDate', 'JqueryUiDialogOutOfDate', 'JqueryUiAutocompleteOutOfDate', 'JqueryUiTooltipOutOfDate', 'PrettyPhotoOutOfDate', 'JplayerOutOfDate', 'YuiOutOfDate', 'PrototypejsOutOfDate', 'EmberOutOfDate', 'DojoOutOfDate', 'AngularjsOutOfDate', 'BackbonejsOutOfDate', 'MustachejsOutOfDate', 'HandlebarsjsOutOfDate', 'EasyXdmOutOfDate', 'PluploadOutOfDate', 'DomPurifyOutOfDate', 'DwrOutOfDate', 'InsecureHttpUsage', 'OpenCartIdentified', 'OpenCartOutOfDate', 'MissingXssProtectionHeader', 'VideojsOutOfDate', 'TlsVersion1Support', 'SameSiteCookieNotImplemented', 'ReverseTabnabbing', 'SubResourceIntegrityNotImplemented', 'SubResourceIntegrityHashInvalid', 'PossibleSsrf', 'OutOfBandSqlInjection', 'OutOfBandXxe', 'BlindXss', 'OutOfBandRfi', 'OutOfBandRcePhp', 'OutOfBandCommandInjection', 'SsrfAws', 'PossibleSsrfAws', 'SsrfElmah', 'PossibleSsrfElmah', 'SsrfTrace', 'PossibleSsrfTrace', 'OutOfBandRceAsp', 'OutOfBandRcePerl', 'DomBasedOpenRedirect', 'DeprecatedCspHeader', 'CspNotImplemented', 'InvalidCspMetaTag', 'InvalidCspInsructionInMeta', 'CspKeywordUsedAsTarget', 'UnsafeCspInstructionDetected', 'NonceDetectedInCsp', 'NoScriptTagDetectedWithNonce', 'SameNonceValueDetected', 'DefaultSrcUsedInCsp', 'InsecureReportUriDetectedInCsp', 'ReportUriWithDifferentHostDetectedInCsp', 'WildcardDetectedInScheme', 'WildcardDetectedInDomain', 'WildcardDetectedInPort', 'UnsupportedHashDetectedInScriptInstruction', 'InsecureNonceValueDetected', 'SsrfElmahMvc', 'PossibleSsrfElmahMvc', 'DeprecatedHeaderDetectedWithCspHeader', 'InvalidNonceDetectedInCsp', 'NoScriptTagDetectedWithHash', 'DataCspDirectiveDetected', 'CspReportOnlyHeaderDetectedWithoutReportUri', 'CspReportOnlyUsedInMeta', 'SingleHeaderMultipleCookies', 'OutOfBandRceRoRXml', 'OutOfBandRceRoRJson', 'ObjectSrcNotUsed', 'ApacheMultiChoiceEnabled', 'HttpOrHttpsDetectedOnScriptSrc', 'InsecureTargetUriDetectedInCsp', 'PossibleTimeBasedSsrf', 'PossibleBlindXss', 'PossibleSsrfSsh', 'PossibleSsrfMySql', 'RceApacheStruts', 'PossibleRceApacheStruts', 'ControllableCookie', 'ReferrerPolicyNotImplemented', 'ReferrerPolicyReferrerLeakToSameProtocol', 'ReferrerPolicyOriginLeakToCrossSite', 'ReferrerPolicySameProtocolLeak', 'ReferrerPolicyCrossOriginLeak', 'ReferrerPolicyStrictCrossOriginLeak', 'ReferrerPolicyCrossSiteReferrerLeak', 'ReferrerPolicyUnknown', 'ReferrerPolicyFallbackMissing', 'MsSqlDatabaseNameDisclosure', 'MySqlDatabaseNameDisclosure', 'ActiveMixedContent', 'MixedContentScript', 'MixedContentResource', 'KnockoutjsOutOfDate', 'BootstrapjsOutOfDate', 'TypeaheadjsOutOfDate', 'FootablejsOutOfDate', 'SortablejsOutOfDate', 'ImagePickerOutOfDate', 'JqueryValidationOufOfDate', 'AspNetSignalROutOfDate', 'Select2OutOfDate', 'MomentjsOutOfDate', 'Html5ShivOutOfDate', 'IonRangeSliderOutOfDate', 'JsTreeOutOfDate', 'ModernizrOutOfDate', 'RespondjsOutOfDate', 'FuelUxOutOfDate', 'BootboxOutOfDate', 'KnockoutMappingOutOfDate', 'JqueryMaskOutOfDate', 'Bootstrap3DateTimePickerOutOfDate', 'BootstrapToggleOutOfDate', 'JavaScriptCookieOutOfDate', 'MixedContentFont', 'MixedContentXhrEndpoint', 'PossibleRceNodeJs', 'RceNodeJs', 'ReactOutOfDate', 'PossibleSsrfApacheServerStatus', 'DefaultIis85Page', 'DefaultIis100Page', 'DefaultIis75Page', 'DefaultIis7XPage', 'CkeditorOutOfDate', 'WordPressSetupConfigurationFile', 'PossibleOutOfBandCommandInjectionStruts052', 'OutOfBandCommandInjectionStruts053',
'LighttpdOutOfDate', 'PostgreSqlOutOfDate', 'RceApacheStrutsS0253', 'PossibleRceApacheStrutsS0253', 'RceApacheStrutsS2046', 'PossibleRceApacheStrutsS2046', 'RceApacheStrutsS2045', 'PossibleRceApacheStrutsS2045', 'AbanteCartIdentified', 'AbanteCartOutOfDate', 'AmpacheIdentified', 'AmpacheOutOfDate', 'AtutorIdentified', 'AtutorOutOfDate', 'ChamiloIdentified', 'ChamiloOutOfDate', 'ClarolineIdentified', 'ClarolineOutOfDate', 'CollabtiveIdentified', 'CollabtiveOutOfDate', 'Concrete5Identified', 'Concrete5OutOfDate', 'CoppermineIdentified', 'CoppermineOutOfDate', 'CubeCartIdentified', 'CubeCartOutOfDate', 'DokuWikiIdentified', 'DokuWikiOutOfDate', 'DotClearIdentified', 'DotClearOutOfDate', 'E107Identified', 'E107OutOfDate', 'FamilyConnectionsIdentified', 'FamilyConnectionsOutOfDate', 'FluxBBIdentified', 'FluxBBOutOfDate', 'FormToolsIdentified', 'FormToolsOutOfDate', 'FrontAccountingIdentified', 'FrontAccountingOutOfDate', 'GibbonEduIdentified', 'GibbonEduOutOfDate', 'HeskIdentified', 'HeskOutOfDate', 'LimeSurveyIdentified', 'LimeSurveyOutOfDate', 'LiveHelperChatIdentified', 'LiveHelperChatOutOfDate', 'LogaholicIdentified', 'LogaholicOutOfDate', 'MibewMessengerIdentified', 'MibewMessengerOutOfDate', 'ModXIdentified', 'ModXOutOfDate', 'MoodleIdentified', 'MoodleOutOfDate', 'MyBBIdentified', 'MyBBOutOfDate', 'OmekaIdentified', 'OmekaOutOfDate', 'OsClassIdentified', 'OsClassOutOfDate', 'OsTicketIdentified', 'OsTicketOutOfDate', 'PrestashopIdentified', 'PrestashopOutOfDate', 'EspoCrmIdentified', 'EspoCrmOutOfDate', 'ElggIdentified', 'ElggOutOfDate', 'PhorumIdentified', 'PhorumOutOfDate', 'PhpFusionIdentified', 'PhpFusionOutOfDate', 'PhpAddressBookIdentified', 'PhpAddressBookOutOfDate', 'PhpListIdentified', 'PhpListOutOfDate', 'PmWikiIdentified', 'PmWikiOutOfDate', 'PodcastGeneratorIdentified', 'PodcastGeneratorOutOfDate', 'ProjectSendIdentified', 'ProjectSendOutOfDate', 'Question2AnswerIdentified', 'Question2AnswerOutOfDate', 'RukovoditelIdentified', 'RukovoditelOutOfDate', 'SeoPanelIdentified', 'SeoPanelOutOfDate', 'SerendipityIdentified', 'SerendipityOutOfDate', 'TcExamIdentified', 'TcExamOutOfDate', 'VanillaForumsIdentified', 'VanillaForumsOutOfDate', 'WebErpIdentified', 'WebErpOutOfDate', 'WeBidIdentified', 'WeBidOutOfDate', 'XoopsIdentified', 'XoopsOutOfDate', 'YetiForceCrmIdentified', 'YetiForceCrmOutOfDate', 'YourlsIdentified', 'YourlsOutOfDate', 'ZenCartIdentified', 'ZenCartOutOfDate', 'ZenPhotoIdentified', 'ZenPhotoOutOfDate', 'PiwigoIdentified', 'PiwigoOutOfDate', 'ZurmoIdentified', 'ZurmoOutOfDate', 'OwnCloudIdentified', 'OwnCloudOutOfDate', 'PhpMyFaqIdentified', 'PhpMyFaqOutOfDate', 'RoundcubeIdentified', 'RoundcubeOutOfDate', 'ZikulaIdentified', 'ZikulaOutOfDate', 'WeakRobotOracleDetected', 'StrongRobotOracleDetected', 'ZeptojsOutOfDate', 'HammerjsOutOfDate', 'VuejsOutOfDate', 'PhaserOutOfDate', 'ChartjsOutOfDate', 'RamdaOutOfDate', 'RevealJsOutOfDate', 'PixiJsOutOfDate', 'FabricJsOutOfDate', 'SemanticUIOutOfDate', 'LeafletOutOfDate', 'PossibleOutOfBandCommandInjection', 'FoundationOutOfDate', 'ThreeJsOutOfDate', 'PdfJsOutOfDate', 'ExpressJsIdentified', 'PossibleSsti', 'Ssti', 'PossibleCodeExecutionViaSsti', 'CodeExecutionViaSsti', 'PossibleCodeExecutionViaSstiTwig', 'CodeExecutionViaSstiTwig', 'PossibleCodeExecutionViaSstiMako', 'CodeExecutionViaSstiMako', 'PossibleCodeExecutionViaSstiSmarty', 'CodeExecutionViaSstiSmarty', 'PossibleCodeExecutionViaSstiNunjucks', 'CodeExecutionViaSstiNunjucks', 'PossibleCodeExecutionViaSstiJade', 'CodeExecutionViaSstiJade', 'PossibleSstiDot', 'SstiDot', 'PossibleCodeExecutionViaSstiDot', 'CodeExecutionViaSstiDot', 'PossibleSstiEjs', 'SstiEjs', 'PossibleCodeExecutionViaSstiEjs', 'CodeExecutionViaSstiEjs', 'PossibleCodeExecutionViaSstiMarko', 'CodeExecutionViaSstiMarko', 'PossibleCodeExecutionViaSstiTornado', 'CodeExecutionViaSstiTornado', 'PossibleCodeExecutionViaSstiFreeMarker', 'CodeExecutionViaSstiFreeMarker', 'PossibleSstiVelocity', 'SstiVelocity', 'PossibleCodeExecutionViaSstiVelocity', 'CodeExecutionViaSstiVelocity', 'PossibleSstiErb', 'SstiErb', 'PossibleCodeExecutionViaSstiErb', 'CodeExecutionViaSstiErb', 'PossibleCodeExecutionViaSstiSlim', 'CodeExecutionViaSstiSlim', 'PossibleCodeExecutionViaSstiJinja', 'CodeExecutionViaSstiJinja', 'PossibleSstiFreeMarker', 'SstiFreeMarker', 'OutOfBandCodeExecutionViaSsti', 'OutOfBandCodeExecutionViaSstiMako', 'OutOfBandCodeExecutionViaSstiTornado', 'OutOfBandCodeExecutionViaSstiJinja', 'OutOfBandCodeExecutionViaSstiMarko', 'OutOfBandCodeExecutionViaSstiDot', 'OutOfBandCodeExecutionViaSstiNunjucks', 'OutOfBandCodeExecutionViaSstiJade', 'OutOfBandCodeExecutionViaSstiSmarty', 'ExpectCtIsMissing', 'ExpectCtShouldBeServedOverTls', 'ExpectCtReportOnlyModeIsEnabled', 'ExpectCtErrors', 'AuthenticationRequired', 'CaddyWebServerIdentified', 'AahGoServerIdentified', 'JbossApplicationServerIdentified', 'JbossVersionDisclosure', 'Ckeditor5OutOfDate', 'CakePhpIdentified', 'CakePhpStackTraceDisclosure', 'DefaultPageCakePhp', 'CakePhpVersionDisclosure', 'CakePhpOutOfDate', 'CherryPyVersionDisclosure', 'CherryPyOutOfDate', 'OutOfBandCodeExecutionViaSstiEjs', 'OutOfBandCodeExecutionViaSstiTwig', 'OutOfBandCodeExecutionViaSstiFreeMarker', 'OutOfBandCodeExecutionViaSstiVelocity', 'CherryPyStackTraceDisclosure', 'IntrojsOutOfDate', 'AxiosOutOfDate', 'Fingerprintjs2OutOfDate', 'XRegExpOutOfDate', 'DataTablesOutOfDate', 'LazyjsOutOfDate', 'FancyBoxOutOfDate', 'UnderscorejsOutOfDate', 'LightboxOutOfDate', 'JbossApplicationServerOutOfDate', 'SweetAlert2OutOfDate', 'LodashOutOfDate', 'BluebirdOutOfDate', 'PolymerOutOfDate', 'ReviveAdserverIdentified', 'ReviveAdserverOutOfDate', 'B2evolutionIdentified', 'B2evolutionOutOfDate', 'DolphinIdentified', 'DolphinOutOfDate', 'PH7CMSIdentified', 'PH7CMSOutOfDate', 'QdPMIdentified', 'QdPMOutOfDate', 'VtigerIdentified', 'VtigerOutOfDate', 'DolibarrIdentified', 'DolibarrOutOfDate', 'ClipBucketIdentified', 'ClipBucketOutOfDate', 'ContaoIdentified', 'ContaoOutOfDate', 'MisconfiguredXFrameOptionsHeader', 'RubyErrorDisclosure', 'WpEngineConfigurationFileDetected', 'SessionCookieNotMarkedAsSecure', 'PossibleHeaderInjection', 'OracleOutOfDate', 'TsWebIdentified', 'DrupalRce', 'MithrilOutOfDate', 'EfJsOutOfDate', 'MathJsOutOfDate', 'ListJsOutOfDate', 'RequireJsOutOfDate', 'RiotJsOutOfDate', 'InfernoOutOfDate', 'MarionetteJsOutOfDate', 'GsapOutOfDate', 'TravisYamlIdentified', 'UnicodeTransformationIssue', 'MalwareIdentified', 'RorFileContentDisclosure', 'AppSiteAssociationIdentified', 'OpenSearchIdentified', 'ServletSourceCodeDisclosure', 'JspSourceCodeDisclosure', 'HtaccessIdentified', 'RcePython', 'PossibleRcePython', 'OutOfBandRcePython', 'RceRuby', 'PossibleRceRuby', 'OutOfBandRceRuby', 'SwaggerJsonIdentified', 'SslNotImplemented', 'SecurityTxtIdentified', 'RceApacheStrutsS2016', 'PossibleRceApacheStrutsS2016', 'SlickOutOfDate', 'ScrollRevealOutOfDate', 'MathJaxOutOfDate', 'RickshawOutOfDate', 'HighchartsOutOfDate', 'SnapSvgOutOfDate', 'FlickityOutOfDate', 'D3JsOutOfDate', 'GoogleChartsOutOfDate', 'HiawathaVersionDisclosure', 'CherokeeVersionDisclosure', 'HiawathaOutOfDate', 'CherokeeOutOfDate', 'OracleWebLogicOutOfDate', 'WebCacheDeception', 'IisOutOfDate', 'ImmutablejsOutOfDate', 'AxwaySecureTransportDetected', 'MisconfiguredXFrameOptionsHeaderMultipleDirectives', 'TlsVersion11Support', 'PossibleSsrfOracleCloud', 'PossibleSsrfPacketCloud', 'ExtJsOutOfDate', 'PossibleHpp', 'PossibleBreachAttack', 'TelerikWebUiVersionDisclosure', 'TelerikWebUiOutOfDate', 'JavaVersionDisclosure', 'GlassfishVersionDisclosure', 'JavaOutOfDate', 'GlassfishOutOfDate', 'WafIdentified', 'AkamaiCdnIdentified', 'AzureCdnIdentified', 'GoogleCloudCdnIdentified', 'ArvanCloudCdnIdentified', 'FastlyCdnIdentified', 'IncapsulaCdnIdentified', 'SucuriCdnIdentified', 'NetlifyCdnIdentified', 'MaxCdnIdentified', 'KeyCdnIdentified', 'FirebladeCdnIdentified', 'AireeCdnIdentified', 'West263CdnIdentified', 'InstartCdnIdentified', 'QratorCdnIdentified', 'PowerCdnIdentified', 'Cdn77Identified', 'F5BigIpProxyIdentified', 'EnvoyProxyIdentified', 'CitrixNetScalerProxyIdentified', 'ApacheTrafficServerProxyIdentified', 'HaProxyIdentified', 'SkipperProxyIdentified', 'LoginPageIdentified', 'SameSiteCookieNotMarkedAsSecure'], help='Type', required=True)
args = parser.parse_args()
parameters = {
'reportPolicyId': args.r,
'type': args.t
}
response = requests.get(endpoint_url, params=parameters, auth=AUTH)
if (response.status_code == 200):
json_response = response.json()
with open('Vulnerability_Template.json', 'w') as outfile:
json.dump(json_response, outfile, indent=4)
print("Response: %s - %s" % (response.status_code, response.reason))
print("The vulnerabilities are saved into the 'Vulnerability_Template.json' file.")
else:
print("Response: %s - %s" % (response.status_code, response.reason))
print(response.text)
def main():
vulnerability_template()
if __name__ == '__main__':
main()