site_security_checker.py
import tkinter as tk
import requests
from bs4 import BeautifulSoup
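def check_site():
    """Run three quick HTTP probes against the URL in ``url_entry``.

    The URL is read from the module-level ``url_entry`` widget and a
    three-line summary is written to the module-level ``output_label``:

    * the status code of a plain GET of the URL;
    * whether appending a single quote makes the page return a
      ``<p class="errormessage">`` element containing the MySQL
      syntax-error text;
    * whether the appended ``<script>`` marker comes back verbatim in the
      response body.

    Both checks are single-request heuristics. The SQL check only looks at
    one specific element/class and one MySQL message, and the XSS check only
    looks for an unencoded echo of one marker, so a negative result means
    "this probe saw nothing", not that the site is free of the issue. The
    negative outcome is therefore reported as "Not detected".

    Network failures (including malformed URLs, which ``requests`` rejects
    with a ``RequestException`` subclass) are reported as "Error".
    """
    url = url_entry.get().strip()

    # requests has no default timeout. This callback runs on the Tk main
    # loop, so an unresponsive host would otherwise freeze the window.
    timeout_seconds = 10

    sql_error_text = "You have an error in your SQL syntax"
    xss_marker = '<script>alert("XSS");</script>'

    # Baseline request: status code of the unmodified URL.
    try:
        status_code = requests.get(url, timeout=timeout_seconds).status_code
    except requests.RequestException:
        status_code = "Error"

    if status_code == "Error":
        # The baseline request already failed (unreachable host or bad URL),
        # so the probes would fail the same way; skip them rather than wait
        # for two more timeouts.
        sql_injection = "Error"
        xss = "Error"
    else:
        # SQL error probe: append a single quote and look for the MySQL
        # syntax-error text inside <p class="errormessage"> elements.
        try:
            response = requests.get(url + "'", timeout=timeout_seconds)
        except requests.RequestException:
            sql_injection = "Error"
        else:
            soup = BeautifulSoup(response.text, "html.parser")
            error_messages = soup.find_all("p", class_="errormessage")
            if any(sql_error_text in str(tag) for tag in error_messages):
                sql_injection = "Vulnerable"
            else:
                # Sites that hide database errors or use another DBMS or
                # markup will land here even if the parameter is injectable.
                sql_injection = "Not detected"

        # Reflection probe: append the marker and check whether it is echoed
        # back unencoded anywhere in the response body.
        try:
            response = requests.get(url + '"' + xss_marker, timeout=timeout_seconds)
        except requests.RequestException:
            xss = "Error"
        else:
            if xss_marker in response.text:
                # NOTE(review): a verbatim echo is a strong hint, but whether
                # it executes depends on the response content type and the
                # context it is echoed into; confirm manually.
                xss = "Vulnerable"
            else:
                xss = "Not detected"

    # Display the results in the output label.
    output_label.config(
        text=f"Status code: {status_code}\nSQL injection: {sql_injection}\nXSS: {xss}"
    )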
# Build the main window.
root = tk.Tk()
root.title("Site Security Checker")

# Widgets, created in the order they appear on screen: URL prompt, URL input,
# the button that triggers check_site, and the label that shows the results.
url_label = tk.Label(master=root, text="URL:")
url_entry = tk.Entry(master=root)
check_button = tk.Button(master=root, text="Check", command=check_site)
output_label = tk.Label(master=root, text="")

# Lay every widget out left to right in a single row.
url_label.pack(side=tk.LEFT)
url_entry.pack(side=tk.LEFT)
check_button.pack(side=tk.LEFT)
output_label.pack(side=tk.LEFT)

# Hand control to Tk; this call blocks until the window is closed.
root.mainloop()