<h1 align="center">
<br>
<a href="https://github.com/s0md3v/Bolt"><img src="https://i.ibb.co/2tnkLvt/bolt.png" alt="Bolt"></a>
<br>
Bolt
<br>
</h1>
<h4 align="center">A dumb CSRF scanner</h4>
<p align="center">
<a href="https://github.com/s0md3v/Bolt/releases">
<img src="https://img.shields.io/github/release/s0md3v/Bolt.svg">
</a>
<a href="https://travis-ci.com/s0md3v/Bolt">
<img src="https://img.shields.io/travis/com/s0md3v/Bolt.svg">
</a>
<a href="https://github.com/s0md3v/Bolt/issues?q=is%3Aissue+is%3Aclosed">
<img src="https://img.shields.io/github/issues-closed-raw/s0md3v/Bolt.svg">
</a>
</p>
![demo](https://i.ibb.co/mTtHTGP/Screenshot-2018-12-30-03-42-26.png)
### Important
Bolt is in the beta phase of development, which means there can be bugs. Any production use of this tool is discouraged.
Pull requests and issues are welcome. I also suggest putting this repo on watch if you are interested in it.
### Workflow
#### Crawling
Bolt crawls the target website to the specified depth and stores all the HTML forms found in a database for further processing.
#### Evaluating
In this phase, Bolt finds the tokens which aren't strong enough and the forms which aren't protected.
##### Comparing
This phase focuses on detecting replay attack scenarios and hence checks whether a token has been issued more than once.
It also calculates the average [Levenshtein distance](https://en.wikipedia.org/wiki/Levenshtein_distance) between all the tokens to see if they are similar.\
Tokens are also compared against a database of 250+ hash patterns.
##### Observing
In this phase, 100 simultaneous requests are made to a single webpage to see if the same tokens are generated for the requests.
##### Testing
This phase is dedicated to active testing of the CSRF protection mechanism. It includes, but is not limited to, checking if protection exists for mobile browsers, submitting requests with a self-generated token and testing whether the token is only checked up to a certain length.
##### Analysing
Various statistical checks are performed in this phase to see if the token is really random.
The following tests are performed during this phase:
- Monobit frequency test
- Block frequency test
- Runs test
- Spectral test
- Non-overlapping template matching test
- Overlapping template matching test
- Serial test
- Cumulative sums test
- Approximate entropy test
- Random excursions variant test
- Linear complexity test
- Longest runs test
- Maurer's universal statistic test
- Random excursions test
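The Comparing and Analysing checks described above, as an added example that is not Bolt's own code: reissue detection, average Levenshtein distance, a two-entry hash-pattern lookup (a constructed stand-in for the hashID list) and the NIST monobit frequency test, run over a constructed set of tokens.

```python
import math
import re
from itertools import combinations

# Constructed sample responses: one token issued twice, one near-duplicate,
# one unrelated token.
SAMPLE_TOKENS = [
    "a3f9c2e17b4d8e0f",
    "a3f9c2e17b4d8e0f",  # reissued to a second request: replay risk
    "a3f9c2e17b4d8e01",  # one character away from the first
    "9e1b7d3c5a2f4e60",
]
# Constructed two-entry subset of hash patterns; Bolt's list comes from hashID.
HASH_PATTERNS = {"MD5": r"^[a-f0-9]{32}$", "SHA-1": r"^[a-f0-9]{40}$"}


def levenshtein(a: str, b: str) -> int:
    """Edit distance by the classic row-by-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def reissued_tokens(tokens):
    """Tokens that appeared in more than one response (Comparing phase)."""
    return sorted({t for t in tokens if tokens.count(t) > 1})

def average_distance(tokens):
    """Mean pairwise Levenshtein distance; a low value means look-alike tokens."""
    pairs = list(combinations(tokens, 2))
    return sum(levenshtein(a, b) for a, b in pairs) / len(pairs)

def hash_type(token):
    """Name of the first hash pattern the token matches, else None."""
    return next((n for n, p in HASH_PATTERNS.items() if re.match(p, token)), None)

def monobit_p_value(token):
    """NIST SP 800-22 monobit test (Analysing phase). Hex tokens are decoded so
    the bits tested are the token's own, not the ASCII encoding of its digits."""
    is_hex = len(token) % 2 == 0 and all(c in "0123456789abcdef" for c in token)
    data = bytes.fromhex(token) if is_hex else token.encode()
    bits = "".join(f"{b:08b}" for b in data)
    s_obs = abs(sum(1 if bit == "1" else -1 for bit in bits)) / math.sqrt(len(bits))
    return math.erfc(s_obs / math.sqrt(2))  # below 0.01: token fails as non-random
```

A real scan would feed tokens harvested from many responses into these functions; a reissued token, a low average distance, a hash-pattern match or a tiny monobit p-value each point to a weak token.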
### Usage
Scanning a website for CSRF using Bolt is as easy as doing
```
python3 bolt.py -u https://github.com -l 2
```
where `-u` supplies the URL and `-l` specifies the depth of crawling.
Other options and switches:
- `-t` number of threads
- `--delay` delay between requests
- `--timeout` HTTP request timeout
- `--headers` supply HTTP headers
### Credits
Regular Expressions for detecting hashes are taken from [hashID](https://github.com/psypanda/hashID).\
Bit level entropy tests are taken from [highfestiva](https://github.com/highfestiva)'s python implementation of statistical tests.