index.py

from flask import Flask, render_template, request, make_response, jsonify
import os
import wayback
from wayback import waybackMachine
import s3buckets
from s3buckets import bucketfinder
import clickjack
from clickjack import checkClick
import hsts
from hsts import checkHSTS
import subdomain
from subdomain import findDomain
import portscan
from portscan import portscanner
import emailspoof
from emailspoof import emailspoof_ZT
import testSSL
from testSSL import testssl
import googleDork
from googleDork import dorks
import gitDork
from gitDork import githubDorker
import cms
from cms import cms_scan
import cors
from cors import cors_scan
import nucleiCheck
from nucleiCheck import nuclei_check
import serverInfo
from serverInfo import checkServer
import dirListing
from dirListing import scanDirectory
import xss
from xss import scanXSS
import sql
from sql import checkSqli
app = Flask(__name__)


@app.route('/')
def home():
    return render_template("index.html")


@app.route('/active', methods=["POST"])
def active():
    response = {}
    response['success'] = True
    data = request.get_json()
    domain = data['domain']
    xssUrl = data['xssUrl']
    sqlUrl = data['sqlUrl']

    # dirb
    if(data['dirb']):
        res = scanDirectory(domain)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    # portscanner
    if(data['port']):
        res = portscanner(domain)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    # subdomain enumeration
    if(data['subd']):
        res = findDomain(domain)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    # check SSL
    if(data['ssl']):
        res = testssl(domain)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    # cms check
    if(data['cms']):
        res = cms_scan(domain)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    if(data['cms']):
        res = cms_scan(domain)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    # cors check
    if(data['cors']):
        res = cors_scan(domain)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    # server info disclosure
    if(data['server']):
        res = checkServer(domain)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    # xss check
    if(data['xss']):
        res = scanXSS(xssUrl)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    # sqli
    if(data['sqli']):
        res = checkSqli(sqlUrl)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    # nuclei
    if(data['nuclei']):
        res = nuclei_check(domain)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    return jsonify(response)


@app.route('/passive', methods=["POST"])
def passive():
    response = {}
    response['success'] = True
    data = request.get_json()
    domain = data['domain']
    s3Company = data['s3Company']

    # wayback
    if(data['wayback']):
        res = waybackMachine(domain)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    # hsts check
    if(data['hsts']):
        print("hsts0")
        res = checkHSTS(domain)
        print("hsts")
        if(res == False):
            response['success'] = False
            return jsonify(response)

    # s3 buckets
    if(data['s3']):
        res = bucketfinder(s3Company)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    # clickjack
    if(data['clickjack']):
        res = checkClick(domain)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    # email spoof
    if(data['espoof']):
        res = emailspoof_ZT(domain)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    # google dork
    if(data['gdork']):
        res = dorks(domain)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    # git dork
    if(data['gitdork']):
        res = githubDorker(domain)
        if(res == False):
            response['success'] = False
            return jsonify(response)

    return jsonify(response)


app.run(debug=True)