• Stars
    star
    228
  • Rank 175,267 (Top 4 %)
  • Language
    JavaScript
  • License
    MIT License
  • Created about 6 years ago
  • Updated about 6 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Web App Monitor

WAM Version 1.0

Introduction

WAM is a platform powered by Python to monitor "Web App", "The dynamic network information". To a certain extent, it greatly help the security researchers save time on tracking the vulnerable code updates and industry dynamics of investment.

  • AM Model: This module can monitor every updates on all of apps on internet, analysising the changes to make Tag and provide mail notification;

  • IDM Model: This module uses Web crawler to fetch the industry dynamic information and report that to users;

  • VDR Model: This module manager all of application package in the history, and save the updated version of which DIFF details;

Development

  • Lang: Python 2.7
  • Framewrok: Django 1.7.11
  • UI: Semantic-ui
  • Database: Mysql

Models

  • AM (App Monitoring)
  • IDM (Information Dynamic Monitoring)
  • VDR (The Relationship Between Vulnerability And Database)

App Monitoring

Information Dynamic Monitoring

The Relationship Between Vulnerability And Database


How to Use


Step 1. Get WAM source code

git clone https://github.com/knownsec/wam.git

Step 2. Update settings

update email server and user settings
TODO settings with dabase Storage

  • monitor/utils/local_settings.py
  • monitor/utils/email_list.py

Step 3. Deploy to server

  • nginx
  • uwsgi
  • supervisor

Just use wam/conf config files to deploy your wam code

PS. WAM with LDAP auth

Essentially, need to ensure you have the necessary development libraries installed:

apt-get install libsasl2-dev python-dev libldap2-dev libssl-dev

then pip install python-ldap and uncomment wam/settings.py AUTHENTICATION_BACKENDS to

AUTHENTICATION_BACKENDS = (
    'wam.ldap_backend.LDAPBackend', # 如果想使LDAP 认证取消注释
    'django.contrib.auth.backends.ModelBackend',
)

More Repositories

1

404StarLink

404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
8,436
star
2

KCon

KCon is a famous Hacker Con powered by Knownsec Team.
JavaScript
4,578
star
3

pocsuite3

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Python
3,641
star
4

ksubdomain

无状态子域名爆破工具
Go
2,242
star
5

Pocsuite

This project has stopped to maintenance, please to https://github.com/knownsec/pocsuite3 project.
Python
1,828
star
6

shellcodeloader

shellcodeloader
C++
1,668
star
7

Kunyu

Kunyu, more efficient corporate asset collection
Python
1,011
star
8

RD_Checklist

知道创宇研发技能表
Python
828
star
9

404StarLink-Project

Focus on promoting the evolution of tools in different aspects of security research.专注于推动安全研究各个领域工具化.(项目收录逐步迁移至 https://github.com/knownsec/404StarLink)
813
star
10

rtcp

利用 Python 的 Socket 端口转发,用于远程维护
Python
709
star
11

ZoomEye-python

ZoomEye-python: The official Python library and CLI by Knownsec 404 Team.
Python
530
star
12

LSpider

LSpider 一个为被动扫描器定制的前端爬虫
Python
345
star
13

gsm

使用树莓派配合硬件来进行短信转发
Go
342
star
14

Ethereum-Smart-Contracts-Security-CheckList

Ethereum Smart Contracts Security CheckList From Knownsec 404 Team
155
star
15

VxPwn

VxWorks漏洞挖掘相关
Python
154
star
16

PortForward

The port forwarding tool developed by Golang solves the problem that the internal and external networks cannot communicate in certain scenarios
Go
135
star
17

ct

简单易用的域名爆破工具
Rust
102
star
18

Zoomeye-Tools

Zoomeye Tools是配合Zoomeye使用的Chrome插件
JavaScript
42
star
19

Decrypt-ransomware

Python
37
star
20

Minitools-bin_extractor

A simple script for quickly mining sensitive information in binary files.
Python
29
star
21

LBot

A simple xss bot template
Python
23
star
22

ZoomeyeGPT

JavaScript
21
star
23

404-Team-ShowCase

19
star
24

Minitools-cidrgen

cidrgen is based on cidr's subnet IP list generator
Go
15
star
25

Minitools-ipstatistics

ipstatistics is a script based on the ipip library that is used to quickly filter the ip list.
Python
14
star
26

workin

workin tornado
JavaScript
14
star
27

Minitools-CookieTest

A script used to quickly test APIs or required parameters and cookies for a certain request.
Python
9
star
28

helloworld

一些经典的笔试题目,进入知道创宇的 Hello World!
2
star