-
-
Notifications
You must be signed in to change notification settings - Fork 0
Plugins Development
Krish Lalwani edited this page Jun 12, 2024
·
1 revision
A number of tools are provided with WhoKnows in the ./plugin-development/ directory to simplify plugin creation and testing :
- wget-alexa-top-1m (Download and extract the Alexa top one million domains in newline format)
- wget-list (Downloads each URL's html and headers into the current directory)
- find-common-stuff (Helper for plugin research - identify common tags, paths / quoted text in tags, link text)
- get-pattern (Page Pattern Generator - Feed a url - Get its tag pattern that's ready to use in your plugin)
- wikipedia-top-1000.txt (Top 1,000 domains linked from Wikipedia)
- alexa-top-100.txt (Top 100 Alexa domain
- alexa-top-1000.txt (Top 1,000 Alexa domains)
Proposed tools for WhoKnows plugin development and automation :
- nikto-2-whoknows (convert nikto db_tests to whoknows compatible plugin)
- metasploit-2-whoknows (convert metasploit web check to whoknows compatible plugin)
- wafp-2-whoknows
bcoles
- whoknows-to-metasploit
Pre-requisites : CVE arrays in WhoKnows plugins for reporting
Description : Search Metasploit for the CVE and parse the URL for exploitation.