jwt1399jwt1399
838

Sec Tools

screenshot of Sec Tools
django

一款基于Python-Django的多功能Web安全渗透测试工具,包含漏洞扫描,端口扫描,指纹识别,目录扫描,旁站扫描,域名扫描等功能。

Github

Overview

Sec-Tools is a versatile web application penetration testing system based on Python-Django, designed to enhance website security through comprehensive vulnerability detection and assessment. With its dynamic range of functionalities, users can perform tasks such as vulnerability scanning, directory enumeration, port scanning, fingerprint identification, and information leakage detection. Whether you're a security researcher or simply interested in web security, Sec-Tools provides a robust framework to identify potential threats and vulnerabilities effectively.

By utilizing advanced techniques such as asset collection via domain probing and port scanning, Sec-Tools empowers users to analyze the security posture of web applications. Following information collection, the system evaluates potential security risks, identifying flaws and offering remediation suggestions. This allows users to respond proactively to network threats, ultimately improving their website's defense mechanisms.

Features

  • Vulnerability Detection: Conduct extensive scans for various vulnerabilities including SQL injection, XSS, and known middleware vulnerabilities.

  • Asset Collection: Utilize domain probing and port scanning to gather crucial information about the target website, crucial for thorough security assessments.

  • User Authentication: The system supports user registration and login, with distinct roles for ordinary users and superusers, ensuring controlled access to sensitive features.

  • Comprehensive Reporting: After performing scans, receive detailed reports on vulnerabilities found, their severity levels, and recommended fixes.

  • Data Visualization: The user interface incorporates ECharts for visually representing scan results and vulnerability assessments, enhancing user understanding.

  • Password Security: User information is protected with salted SHA256 hash encryption for passwords, ensuring data security and integrity.

  • Integration with AWVS: Leverages the AWVS API for advanced vulnerability scanning capabilities, streamlining the process of vulnerability assessment.

django
Django

Django is a high-level Python web framework that encourages rapid development and clean, pragmatic design. It follows the model-view-controller (MVC) architectural pattern, providing an extensive set of built-in tools and conventions to streamline the creation of robust and scalable web applications.