cansina是用python写的一款探测网站的敏感目录和内容的安全测试工具,其具有如下特点:
- 多线程
- HTTP/S代理支持
- 数据持久性(sqlite3)
- 多后缀支持(-e php,asp,aspx,txt....)
- 网页内容识别(will watch for a specific string inside web page content )
- 跳过假404错误
- 可跳过被过滤的内容
- 报表功能
- 基础认证
使用方法
全部参数
usage: cansina.py -u url -p payload [options]
Cansina is a web content discovery tool. It makes requests and analyze the
responses trying to figure out whether the resource is or not accessible.
optional arguments:
-h, --help show this help message and exit
-A AUTHENTICATION Basic Authentication (e.g: user:password)
-C COOKIES your cookies (e.g: key:value)
-D Check for fake 404 (warning: machine decision)
-H Make HTTP HEAD requests
-P PROXIES Set a http and/or https proxy (ex:
h