hannob / snallygaster

Tool to scan for secret files on HTTP servers
BSD Zero Clause License
2.07k stars 228 forks source link

Find better way for implicit checks in check404 #84

Open hannob opened 3 hours ago

hannob commented 3 hours ago

The check404 function does some implicit checks (e.g. webpages with django debugging enabled) by parsing the 404 error page.

This design has the downside that it is not possible to explicitly call those checks (e.g., snallygaster -t djangodebug [host]).

One idea would be to change the code like this:

This would both allow calling those tests separately, but would not slow them down with multiple fetches if we do a full host scan.

hannob commented 3 hours ago

cc @hartwork