Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix broken headings in Markdown files #29

Merged
merged 1 commit into from
Apr 16, 2017
Merged

Fix broken headings in Markdown files #29

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 7 additions & 7 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
#YASUO [@0xsauby]
# YASUO [@0xsauby]

[![AUR](https://img.shields.io/aur/license/yaourt.svg?maxAge=2592000)](http://www.fsf.org/licensing/)
[![ToolsWatch 2016 Arsenal](https://www.toolswatch.org/badges/arsenal/2016.svg)](https://www.blackhat.com/eu-16/arsenal.html)
[![Twitter URL](https://img.shields.io/twitter/url/http/shields.io.svg?style=social&maxAge=2592000)](https://twitter.com/0xsauby)

##Description
## Description

Yasuo is a ruby script that scans for vulnerable 3rd-party web applications.

Expand All @@ -23,12 +23,12 @@ RFI/LFI etc.
Yasuo is built to quickly scan the network for such vulnerable applications
thus serving pwnable targets on a silver platter.

##Setup / Install
## Setup / Install
You would need to install the following gems:

- gem install ruby-nmap net-http-persistent mechanize text-table sqlite3

##Details
## Details

Yasuo provides following command-line options:

Expand All @@ -54,7 +54,7 @@ Yasuo provides following command-line options:

-h :: Well, take a guess

##What is this new switch: --usesavedstate (-u)
## What is this new switch: --usesavedstate (-u)

When Yasuo runs, it performs several steps before starting to enumerate vulnerable applications. If you provide an IP address or range, it will perform a port scan against the provided targets. If you provide Yasuo with nmap xml output file, it will parse that file and enumerate hosts with open web ports. It then sends a request for a fake (non-existent) file and directory to each enumerated host:ip. To reduce false-positives, it discards all ip:port that respond back with HTTP 200 Ok for the fake file & directory requests. At the end of this whole process, we get a list of, let's say, "good urls". These good urls are then used to enumerate vulnerable applications.

Expand All @@ -66,7 +66,7 @@ This latest version of Yasuo will automatically save a file, savedURLstateXXXXX.

Yasuo will parse this file and start enumerating vulnerable applications against the listed "good urls". Ta-Da.

##Examples
## Examples

`./yasuo -r 127.0.0.1 -p 80,8080,443,8443 -b form`

Expand All @@ -89,6 +89,6 @@ brute-force login for all the applications that implement form-based and http
basic authentication.


##Tetris-style Program Flow
## Tetris-style Program Flow

![Alt text](./tetris-style-program-flow.JPG)