Commit 0d014e4

add clickjacking scanner tutorial

1 parent 14ce0f7, commit 0d014e4

4 files changed

+58
-0
lines changed


‎README.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -70,6 +70,7 @@ This is a repository of all the tutorials of [The Python Code](https://www.thepy
7070
-[How to Remove Persistent Malware in Python](https://thepythoncode.com/article/removingg-persistent-malware-in-python). ([code](ethical-hacking/remove-persistent-malware))
7171
-[How to Check Password Strength with Python](https://thepythoncode.com/article/test-password-strength-with-python). ([code](ethical-hacking/checking-password-strength))
7272
-[How to Perform Reverse DNS Lookups Using Python](https://thepythoncode.com/article/reverse-dns-lookup-with-python). ([code](ethical-hacking/reverse-dns-lookup))
73+
-[How to Make a Clickjacking Vulnerability Scanner in Python](https://thepythoncode.com/article/make-a-clickjacking-vulnerability-scanner-with-python). ([code](ethical-hacking/clickjacking-scanner))
7374

7475
-###[Machine Learning](https://www.thepythoncode.com/topic/machine-learning)
7576
-###[Natural Language Processing](https://www.thepythoncode.com/topic/nlp)
Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
#[How to Make a Clickjacking Vulnerability Scanner in Python](https://thepythoncode.com/article/make-a-clickjacking-vulnerability-scanner-with-python)
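Review bot: This README is only a title link, so nothing in the directory documents how to run the scanner. Add an install step for the dependency file added in this commit and a usage line covering the positional `url` argument and the `-l`/`--log` flag, plus one sentence stating that a "may be vulnerable" result is based on the `X-Frame-Options` header alone.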
Lines changed: 55 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,55 @@
1+
importrequests,argparse
2+
3+
4+
# Function to check if a website is vulnerable to clickjacking.
5+
defcheck_clickjacking(url):
6+
try:
7+
# Add https:// schema if not present in the URL.
8+
ifnoturl.startswith('http://')andnoturl.startswith('https://'):
9+
url='https://'+url
10+
11+
# Send a GET request to the URL.
12+
response=requests.get(url)
13+
headers=response.headers
14+
15+
# Check for X-Frame-Options header.
16+
if'X-Frame-Options'notinheaders:
17+
returnTrue
18+
19+
# Get the value of X-Frame-Options and check it..
20+
x_frame_options=headers['X-Frame-Options'].lower()
21+
ifx_frame_options!='deny'andx_frame_options!='sameorigin':
22+
returnTrue
23+
24+
returnFalse
25+
exceptrequests.exceptions.RequestExceptionase:
26+
print(f"An error occurred while checking{url} -{e}")
27+
returnFalse
28+
29+
# Main function to parse arguments and check the URL.
30+
defmain():
31+
parser=argparse.ArgumentParser(description='Clickjacking Vulnerability Scanner')
32+
parser.add_argument('url',type=str,help='The URL of the website to check')
33+
parser.add_argument('-l','--log',action='store_true',help='Print out the response headers for analysis')
34+
args=parser.parse_args()
35+
36+
url=args.url
37+
is_vulnerable=check_clickjacking(url)
38+
39+
ifis_vulnerable:
40+
print(f"[+]{url} may be vulnerable to clickjacking.")
41+
else:
42+
print(f"[-]{url} is not vulnerable to clickjacking.")
43+
44+
ifargs.log:
45+
# Add https:// schema if not present in the URL for response printing.
46+
ifnoturl.startswith('http://')andnoturl.startswith('https://'):
47+
url='https://'+url
48+
49+
print("\nResponse Headers:")
50+
response=requests.get(url)
51+
forheader,valueinresponse.headers.items():
52+
print(f"{header}:{value}")
53+
54+
if__name__=='__main__':
55+
main()
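Review bot: In `check_clickjacking`, the `except requests.exceptions.RequestException` branch returns False, so `main()` goes on to print "[-] ... is not vulnerable to clickjacking." for a site that was never reached; return a distinct value such as None (or re-raise) and report the result as unknown. Two further points in the same function: `requests.get(url)` has no `timeout`, so a stalled server hangs the scan, and the check reads only `X-Frame-Options`, so a site that restricts framing with the `frame-ancestors` directive of `Content-Security-Policy` is reported as possibly vulnerable. In `main()`, the `--log` branch repeats the scheme normalization and sends a second GET; returning the response headers from `check_clickjacking` would remove both.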
Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
requests
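Review bot: `requests` is listed without a version constraint, so every install resolves to whatever release is current. Pin the version the script was tested with, or at least set a lower bound, so the tutorial stays reproducible and a dependency update cannot change the scanner's behaviour unnoticed.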
