.jpg)
# Export to CSV import csv with open('shop_audit_report.csv', 'w', newline='', encoding='utf-8') as f: writer = csv.DictWriter(f, fieldnames=['url', 'title', 'price', 'description']) writer.writeheader() writer.writerows(auditor.products)
for vuln in self.vulnerabilities: report += f"\n • vuln['type']\n URL: vuln['url']\n"
def _extract_images(self, soup, base_url): images = [] for img in soup.find_all('img', src=True): img_url = urljoin(base_url, img['src']) if 'product' in img_url.lower() or 'item' in img_url.lower(): images.append(img_url) return images[:5] inurl index php id 1 shop
# If response is similar but different content, potential IDOR if response.status_code == 200 and "login" not in response.url.lower(): soup = BeautifulSoup(response.text, 'html.parser') title_tag = soup.find('title') if title_tag and '404' not in title_tag.text.lower(): self._report_vulnerability(f'Potential IDOR (ID: test_id)', test_url)
If the website uses the id parameter directly in a SQL query without proper sanitization or parameterization, it could be vulnerable to SQL injection attacks. An attacker might exploit this by appending malicious SQL code to the id parameter. # Export to CSV import csv with open('shop_audit_report
: They might append a single quote ( ' ) to the end of the URL. If the site returns a database error message, it often indicates the site is vulnerable to SQLi.
def generate_report(self): """Generate a comprehensive security & data report""" report = f""" '='*60 SHOP AUDITOR REPORT '='*60 If the site returns a database error message,
time.sleep(self.delay) # Be respectful to the server