  • Stars: 112
  • Rank 312,240 (Top 7 %)
  • Language: Python
  • License: GNU General Publi...
  • Created over 8 years ago
  • Updated about 4 years ago

Repository Details

The Web Audit Search Engine - Index and Search HTTP Requests and Responses in Web Application Audits with ElasticSearch

WASE

WASE is short for Web Audit Search Engine. It is a framework for indexing HTTP requests/responses into an ElasticSearch instance during web application audits and enriching them with useful data. The indexed data can then be searched and aggregated with ElasticSearch queries or with Kibana.

Currently WASE contains the following parts:

  • doc_HttpRequestResponse.py: a library that implements the DocHTTPRequestResponse class. This class is an elasticsearch_dsl-based storage class for HTTP requests/responses (derived from Burp's data structures and API).
  • ElasticBurp: a Burp plugin that feeds requests/responses into ElasticSearch.

ElasticBurp

Scared by the weak search performance of Burp Suite? Are you missing search capabilities in Burp? ElasticBurp combines Burp Suite with the search power of ElasticSearch. It can be installed directly from the Burp BApp Store.

Installation

  1. Install ElasticSearch and Kibana.
  2. Configure both. For security reasons it is recommended to let them listen on localhost:
       • Set network.host: 127.0.0.1 in /etc/elasticsearch/elasticsearch.yml.
       • Set host: "127.0.0.1" in /opt/kibana/config/kibana.yml.
  3. Install dependencies in the Jython environment used by Burp Extender with: $JYTHON_PATH/bin/pip install -r requirements.txt
  4. Load ElasticBurp.py as a Python extension in Burp Extender.

Currently there seem to be incompatibilities with the new Python Elasticsearch packages. Specify the 2.2 version when installing with pip: $JYTHON_HOME/bin/pip install elasticsearch_dsl==2.2

Usage

See this blog article for usage examples.

WASEProxy

A generic intercepting HTTP(S) proxy server that stores extracted data into an ElasticSearch index.

Installation with pip: pip install -r requirements-proxy.txt

WASEQuery

Search ElasticSearch indices created by WASE for

  • responses with missing headers
  • responses with missing parameters
  • all values that were set for a header (e.g. X-Frame-Options, X-XSS-Protection, X-Content-Type-Options, Content-Security-Policy, ...)

...or do arbitrary search queries.

Invoke WASEQuery.py for a help message. This blog article shows some examples of WASEQuery usage.
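The "missing headers" and "all values set for a header" searches listed above, written out as Elasticsearch query bodies. This is an added example, not code from WASE: the field names (`response.status`, `response.headernames`, nested `response.headers` with `name`/`value`, and the `.raw` keyword sub-field) are assumptions that must be checked against the mapping of your own index.

```python
import json

# ASSUMED field names (not taken from the WASE page); adjust to your mapping.
STATUS_FIELD = "response.status"            # present only if a response was stored
HEADERNAMES_FIELD = "response.headernames"  # analyzed list of response header names
HEADERS_PATH = "response.headers"           # nested objects: {"name": ..., "value": ...}
VALUE_KEYWORD = "response.headers.value.raw"  # keyword sub-field usable in aggregations


def missing_header_query(header):
    """Query body: stored responses that do NOT carry `header`.

    The `exists` filter keeps request-only documents (no response recorded)
    from being reported as "missing" the header.
    """
    return {
        "query": {
            "bool": {
                "filter": [{"exists": {"field": STATUS_FIELD}}],
                "must_not": [{"match": {HEADERNAMES_FIELD: header}}],
            }
        }
    }


def header_values_agg(header, size=50):
    """Aggregation body: every distinct value seen for `header`, with counts.

    Headers are assumed to be nested documents, so the name filter and the
    value aggregation must both run inside a `nested` aggregation.
    """
    return {
        "size": 0,  # only the aggregation buckets are needed, no hits
        "aggs": {"headers": {
            "nested": {"path": HEADERS_PATH},
            "aggs": {"selected": {
                "filter": {"match": {HEADERS_PATH + ".name": header}},
                "aggs": {"values": {
                    "terms": {"field": VALUE_KEYWORD, "size": size}}},
            }},
        }},
    }


if __name__ == "__main__":
    # Print bodies that can be pasted into the Kibana console or sent to _search.
    for name in ("X-Frame-Options", "Content-Security-Policy"):
        print(json.dumps(missing_header_query(name), indent=2))
        print(json.dumps(header_values_agg(name), indent=2))
```
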

More Repositories

  1. elk-detection-lab (Shell, 133 stars): An ELK environment containing interesting security datasets.
  2. android-nfc-paycardreader (Java, 108 stars): NFC card reader Android app. Currently reads the german GeldKarte and some credit cards.
  3. logstash-linux (92 stars): Logstash Configuration for Linux Logs (Authentication, Apache, Mail)
  4. Log4Pot (Python, 90 stars): A honeypot for the Log4Shell vulnerability (CVE-2021-44228).
  5. POODLEAttack (Python, 66 stars): PoC implementation of the POODLE attack
  6. EQUEL (Python, 57 stars): An Elasticsearch QUEry Language
  7. Burp-SessionAuthTool (Python, 40 stars): Burp plugin which supports in finding privilege escalation vulnerabilities
  8. sigma-workshop (Shell, 26 stars): Elasticsearch/Kibana environment and log data for Sigma workshop
  9. Clickjacking-Exploit (25 stars): Clickjacking Proof-of-Concept Exploit
  10. NastyWebHackme (Python, 15 stars): Broken web app intentionally built with pentesting obstacles
  11. Burp-MissingScannerChecks (Python, 14 stars): Collection of scanner checks missing in Burp
  12. BrowserCrasher (HTML, 8 stars): Crash browsers with opensource test suites
  13. Demo-ClientsideWebAttacks (JavaScript, 7 stars): Demonstration of some client-side web application vulnerabilities (DOM XSS, Clickjacking) and wrong usage of local storage.
  14. CSRF-Multistep (4 stars): Framework for building multistep CSRF Proof of Concepts
  15. Burp-Randomizer (Python, 3 stars): Randomize parts of requests with a session handling rule action.
  16. hashextension (Python, 2 stars): Implementation of the hash extension attack
  17. infosec-notebooks (2 stars): Jupyter notebooks for threat hunting and incident response
  18. AVR-RandomStuff (C, 1 star): Some tiny programs I coded for Atmel AVR microcontrollers. Sense&pointless, but possibly useful for someone.
  19. OwnTwitterFilterBubble (Python, 1 star): Build your Own Twitter Filter Bubble with Deep Learning
  20. ImageSearch (Python, 1 star): Script collection that makes my photos searchable
  21. sigma-workshop-operationalization (1 star): Workshop "Operationalization of Sigma Rules with Processing Pipelines" at Hack.lu 2024