Cookiescanner - Tool to Check the Cookie Flag for a Multiple Sites

Wednesday, December 23, 2015


Tool to do more easy the web scan proccess to check if the secure and HTTPOnly flags are enabled in the cookies (path and expires too).

This tools allows probe multiple urls through a input file, by a google domain (looking in all subdomains) or by a unique url. Also, supports multiple output like json, xml and csv.

Features:

  •  Multiple options for output (and export using >). xml, json, csv, grepable
  •  Check the flags in multiple sites by a file input (one per line). This is very useful for pentesters when they want check the flags in multiple sites.
  •  Google search. Search in google all subdomains and check the cookies for each domain.
  • Colors for the normal output.

Usage

Usage: cookiescanner.py [options] 
Example: ./cookiescanner.py -i ips.txt

Options:
  -h, --help            show this help message and exit
  -i INPUT, --input=INPUT
                        File input with the list of webservers
  -I, --info            More info
  -u URL, --url=URL     URL
  -f FORMAT, --format=FORMAT
                        Output format (json, xml, csv, normal, grepable)
  --nocolor             Disable color (for the normal format output)
  -g GOOGLE, --google=GOOGLE
                        Search in google by domain

Requirements

requests >= 2.8.1
BeautifulSoup >= 4.2.1

Install requirements

pip3 install --upgrade -r requirements.txt




Subscribe via e-mail for updates!