luna: open-source web security scanner

Luna is an open-source web security scanner which is based on reduced-code passive scanning framework. You can write a simple python plugin to prove your great ideas with Luna. The format of httplog is the plaintext saved by Burpsuite. And thanks to PortSwigger Ltd.

Disclaimer: Luna is a study demo for web security fans. Anyone who attacks website through Luna(or rewrite by Luna) which breaks the law will take the full responsibility by himself.

Install

git clone https://github.com/toyakula/luna.git

Usage

1. Save httplog from burp suite or you can also convert other httplog to burpsuite-requestlog format. Save it in the ‘lunahttplog.txt’.
2. Modify ‘conf/lunaconf.py’

`host_port=[['127.0.0.1','80'],]` 

`http_log = 'lunahttplog.txt'`



Set the target(['host','port']) and set the file which httplog saved in.

3. python luna.py

Contact

Gmail ： luna.pyc@gmail.com

Blog ： https://tokula.com

Source: https://github.com/toyakula/