forked from felixfaisal/attack-on-web
-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.js
132 lines (116 loc) · 3.83 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
#!/usr/bin/env node
const fs = require('fs');
path = require('path');
const inquirer = require('inquirer');
const yargs = require('yargs');
const chalk = require('chalk');
const arr = require('./src/check.js')
const clear = require('clear')
const crawl = require('./src/crawl')
const Table = require('cli-table');
const reg = require('./data/apiKeyRegex')
const options = {
fit: 'box',
width: 60,
height: 40,
}
const table = new Table({
head: ['SUPPORTED API PROVIDERS'],
colWidths: [30, 30, 30]
});
clear()
function listToMatrix(list, elementsPerSubArray) {
let matrix = [],
i, k;
for (i = 0, k = -1; i < list.length; i++) {
if (i % elementsPerSubArray === 0) {
k++;
matrix[k] = [];
}
matrix[k].push(list[i]);
}
return matrix;
}
function testCheck() {
inquirer
.prompt([{
type: 'checkbox',
name: 'extensions',
choices: [
'.js',
'.ts',
'.json',
'.py',
'.py3',
'.html',
'.txt',
'.yml',
],
default: 'none'
},
{
type: 'checkbox',
name: 'directories',
choices: [
'node_modules',
'/node_modules'
],
},
{
type: 'checkbox',
name: 'files',
choices: [
'env.json',
],
default: 'none'
},
])
.then(answers => {
crawl(process.cwd(), answers);
})
}
const argv = yargs
.command('api', 'attack-on-web', {
list: {
describe: "Lists all providers",
alias: 'l'
},
test: {
describe: "Run the script to check for API access tokens",
alias: 't'
}
})
.help()
.alias("help", "h")
.argv
if (argv.test == true) {
testCheck()
} else if (argv.list) {
let apiProviders = [];
reg.providers.forEach(element => {
apiProviders.push(element.provider)
});
let matrix = listToMatrix(apiProviders, 3);
for (let index = 0; index < matrix.length; index++) {
table.push(
matrix[index]
);
}
console.log(table.toString());
} else {
console.log(chalk.green(`
]
▒
▄▄▄ ╓▄▄▄▄, ▄▄▄ ╓▄▄ ╓▄▄ ─, ▒[ ╓
█▓█▓█ ▄▓▓▀▀▀█▓█▄ ▐▓▓▌ ╔▓▓▓▌ ,▓▓▌ ╢╖╖▒▒╖╢╜
█▓█ █▓█ ▓▓▌ ▓▓▓ ▓▓▓▄▓█ █▓▄█▓▌ ,,╓╓╖╖╖╖@▒▒▒▒▒▒╖╖╖╖╖╓,,
█▓█▀▀▀█▓█ ▀▓▓█▄▄█▓▓▀ █▓▓█ ╙▓▓▓█ ]▒▒▒▒▒╢
"▀▀ ▀▀" "▀▀▀▀" '▀▀ "▀▀ ╖╜ ▒▒ ╙╢
▒[
║
]
Hello, welcome to attack-on-web! AoW is a tool to test security vulnerabilities in your code.
${chalk.yellow('Tip:')} Type ${chalk.white('npx atow api -h')} or ${chalk.white('npx atow api --help')} to view list of commands
Type ${chalk.white('npx atow api -t')} or ${chalk.white('npx atow api --test')} for testing.
Type ${chalk.white('npx atow api -l')} or ${chalk.white('npx atow api --list')} for list of providers.`))
}