ProxyStrike Plugins update

Well this is a short post, just to let you know that the plugins framework of ProxyStrike is updated, making easier to develop your own plugins. Here is a diagram of the internal structure:


Now each plugin is a file, and here is an example of a plugin for gathering all the email addresses:

class email_detect(AttackPlugin):
def __init__(self):
AttackPlugin.__init__(self,name="email detect",variableSet=False,iface=True,type="tree",fields=["Url","Email"])

self.emailre=re.compile("[a-z0-9_.-]+@[a-z0-9_.-]+",re.I)

def process(self,req):
html
=req.response.getContent()
a
=self.emailre.findall(html)
results
=[]
for i in a:
results
.append([i])
if a:
self.putRESULTS([req.completeUrl,results])


You can find more examples inside the plugin folder, just get your copy via subversion:

svn checkout http://proxystrike.googlecode.com/svn/trunk/ proxystrike-read-only

More information in the wiki, and you can follow updates by deepbit in his new blog

Enjoy

-CMM

1 comentarios:

Knut said...

Will it soon be possible to write plugins which can inject/mangle requests and responses?