Attacks UI

src/main/jsleak/jsleak.ts

@@ -1,5 +1,6 @@
 import { execSync } from 'child_process';
 import path from 'path';
+import fs from 'fs';
 import { CurrentOS, toolPath } from '../util';
 import { PROJECT_DIR } from '../api/project';
 import { connectJson } from '../db/connect';
@@ -11,10 +12,12 @@ export async function findSecret(outputDir: string = PROJECT_DIR): Promise<{
   error: any;
 }> {
   const jsleak = toolPath('jsleak');
-  const command = `${CurrentOS() === 'win32' ? 'type' : 'cat'} ${path.join(outputDir, 'httpx_live_domains.txt')} | ${jsleak} -s
-   >> ${path.join(outputDir, 'secrets.txt')}`;
+  const command = `${CurrentOS() === 'win32' ? 'type' : 'cat'} ${path.join(outputDir, 'httpx_live_domains.txt')} | ${jsleak} -s`;
   try {
-    execSync(command);
+    fs.writeFileSync(
+      `${path.join(outputDir, 'secrets.txt')}`,
+      execSync(command).toString('utf-8'),
+    );
     const numberOfUrls = await countLines(path.join(outputDir, 'secrets.txt'));
     const db = connectJson(path.join(`${outputDir}/details.json`));
     await db.update({
@@ -38,10 +41,12 @@ export async function extraLinks(outputDir: string = PROJECT_DIR): Promise<{
   error: any;
 }> {
   const jsleak = toolPath('jsleak');
-  const command = `${CurrentOS() === 'win32' ? 'type' : 'cat'} ${path.join(outputDir, 'httpx_live_domains.txt')} | ${jsleak} -l | findstr ".js"
-   >> ${path.join(outputDir, 'extra_links.txt')}`;
+  const command = `${CurrentOS() === 'win32' ? 'type' : 'cat'} ${path.join(outputDir, 'httpx_live_domains.txt')} | ${jsleak} -l | findstr ".js"`;
   try {
-    execSync(command);
+    fs.writeFileSync(
+      `${path.join(outputDir, 'extra_links.txt')}`,
+      execSync(command).toString('utf-8'),
+    );
     const numberOfUrls = await countLines(
       path.join(outputDir, 'extra_links.txt'),
     );

src/main/main.ts

@@ -26,7 +26,7 @@ import {
 import { liveSubDomains, screenwin } from './recon/httpx';
 import { fetchJs, parameter, wwayback } from './recon/waybackurls';
 import { returnFile } from './api/serve';
-import { findSecret, extraLinks } from './jsleak/jsleak';
+import { extraLinks, findSecret } from './jsleak/jsleak';
 
 class AppUpdater {
   constructor() {

src/main/preload.ts

@@ -14,6 +14,8 @@ export type Channels =
   | 'waybackurls-parameter'
   | 'get-project-details'
   | 'api-call'
+  | 'find-secrets'
+  | 'extra-links'
   | 'open-link';
 
 const electronHandler = {

src/renderer/App.tsx

@@ -9,7 +9,8 @@ import { ProjectLayout } from './layout/projectLayout';
 import Status from './views/project/status';
 import Recon from './views/project/recon';
 import { ReconResults } from './views/project/results/recon-results';
-import JsLeaks from './views/project/JsLeaks.1';
+import JsLeaks from './views/project/JsLeaks';
+import Attacks from './views/project/attacks';
 
 function Home() {
   return (
@@ -31,7 +32,7 @@ export default function App() {
             <Route path="recon" element={<Recon />} />
             <Route path="result" element={<Results />} />
             <Route path="result-recon" element={<ReconResults />} />
-            <Route path="attack" element={<Results />} />
+            <Route path="attacks" element={<Attacks />} />
             <Route path="jsleaks" element={<JsLeaks />} />
           </Route>
         </Routes>

src/renderer/components/sidebar.tsx

@@ -30,9 +30,8 @@ const dashboardMenu: DashboardMenu[] = [
     icon: <PocketKnife className="mr-2 h-4 w-4" />,
   },
   {
-    href: 'attack',
-    title: 'Attack',
-    Disabled: true,
+    href: 'attacks',
+    title: 'Attacks',
     icon: <PocketKnife className="mr-2 h-4 w-4" />,
   },
   {

src/renderer/views/project/JsLeaks.tsx

@@ -1,41 +1,63 @@
+/* eslint-disable react/jsx-props-no-spreading */
+/* eslint-disable react-hooks/exhaustive-deps */
+import { useEffect, useState } from 'react';
+import { useParams } from 'react-router-dom';
 import {
   Card,
   CardContent,
   CardDescription,
   CardHeader,
   CardTitle,
 } from '../../components/ui/card';
-import Secrets from './JsLeaks Jobs/secrets';
-import EndPoints from './JsLeaks Jobs/EndPoints';
+import Secrets from './jsLeaksJob/secrets';
+import EndPoints from './jsLeaksJob/Endpoint';
+import { ProjectDetails } from '../../types';
 
 export default function JsLeaks() {
+  const [details, setDetails] = useState<ProjectDetails>();
+  const { projectSlug } = useParams();
+
+  const getDetails = async () => {
+    const res = await window.electron.ipcRenderer.invoke(
+      'get-project-details',
+      projectSlug,
+    );
+    setDetails(res);
+    console.log(res);
+  };
+
+  useEffect(() => {
+    getDetails();
+  }, []);
   return (
     <div className="flex flex-col gap-4">
-      <h1 className="font-bold text-3xl">Initiate Recon Attacks</h1>
-      <div>
-        <div className="grid grid-flow-row grid-cols-2 gap-4">
-          <Card>
-            <CardHeader>
-              <CardTitle>Find Secrets</CardTitle>
-              <CardDescription>wanna find secrets ?</CardDescription>
-            </CardHeader>
-            <CardContent className="flex justify-between">
-              <Secrets />
-            </CardContent>
-          </Card>
-          <Card>
-            <CardHeader>
-              <CardTitle>Find EndPoints</CardTitle>
-              <CardDescription>
-                Unveiling extra and hidden endpoints
-              </CardDescription>
-            </CardHeader>
-            <CardContent className="flex justify-between">
-              <EndPoints />
-            </CardContent>
-          </Card>
+      <h1 className="font-bold text-3xl">JsLeaks</h1>
+      {details && (
+        <div>
+          <div className="grid grid-flow-row grid-cols-2 gap-4">
+            <Card>
+              <CardHeader>
+                <CardTitle>Find Secrets</CardTitle>
+                <CardDescription>wanna find secrets ?</CardDescription>
+              </CardHeader>
+              <CardContent className="flex justify-between">
+                <Secrets {...details} />
+              </CardContent>
+            </Card>
+            <Card>
+              <CardHeader>
+                <CardTitle>Find EndPoints</CardTitle>
+                <CardDescription>
+                  Unveiling extra and hidden endpoints
+                </CardDescription>
+              </CardHeader>
+              <CardContent className="flex justify-between">
+                <EndPoints {...details} />
+              </CardContent>
+            </Card>
+          </div>
         </div>
-      </div>
+      )}
     </div>
   );
 }

src/renderer/views/project/attacks.tsx

@@ -0,0 +1,61 @@
+import {
+  Card,
+  CardContent,
+  CardDescription,
+  CardHeader,
+  CardTitle,
+} from '../../components/ui/card';
+import Exposures from './attacks/exposures';
+import MissingHeaders from './attacks/missingHeaders';
+import PotentialXss from './attacks/potentialXss';
+import SqlInjection from './attacks/sqlInjection';
+
+export default function Attacks() {
+  return (
+    <div className="flex flex-col gap-4">
+      <h1 className="font-bold text-3xl">Attacks</h1>
+      <div>
+        <div className="grid grid-flow-row grid-cols-2 gap-4">
+          <Card>
+            <CardHeader>
+              <CardTitle>Scan for exposures</CardTitle>
+              <CardDescription>wanna find exposures ?</CardDescription>
+            </CardHeader>
+            <CardContent className="flex justify-between">
+              <Exposures />
+            </CardContent>
+          </Card>
+          <Card>
+            <CardHeader>
+              <CardTitle>Scan for missing headers</CardTitle>
+              <CardDescription>wanna find more ?</CardDescription>
+            </CardHeader>
+            <CardContent className="flex justify-between">
+              <MissingHeaders />
+            </CardContent>
+          </Card>
+          <Card>
+            <CardHeader>
+              <CardTitle>Scan the URLs</CardTitle>
+              <CardDescription>wanna catch potential XSS</CardDescription>
+            </CardHeader>
+            <CardContent className="flex justify-between">
+              <PotentialXss />
+            </CardContent>
+          </Card>
+          <Card>
+            <CardHeader>
+              <CardTitle>Scan for SQL Injection</CardTitle>
+              <CardDescription>
+                SSTI, Open Redirect & CRLF Injection
+              </CardDescription>
+            </CardHeader>
+            <CardContent className="flex justify-between">
+              <SqlInjection />
+            </CardContent>
+          </Card>
+        </div>
+      </div>
+    </div>
+  );
+}

src/renderer/views/project/attacks/exposures.tsx

@@ -0,0 +1,23 @@
+import { Loader2 } from 'lucide-react';
+import { useState } from 'react';
+import { Button } from '../../../components/ui/button';
+
+export default function Exposures() {
+  const [Loading, setLoading] = useState<boolean>(false);
+  const RunExposures = async () => {
+    setLoading(true);
+  };
+  return (
+    // eslint-disable-next-line react/jsx-no-useless-fragment
+    <>
+      {!Loading ? (
+        <Button onClick={RunExposures}>Process</Button>
+      ) : (
+        <Button disabled>
+          <Loader2 className="mr-2 h-4 w-4 animate-spin" />
+          Please wait
+        </Button>
+      )}
+    </>
+  );
+}

src/renderer/views/project/attacks/missingHeaders.tsx

@@ -0,0 +1,23 @@
+import { Loader2 } from 'lucide-react';
+import { useState } from 'react';
+import { Button } from '../../../components/ui/button';
+
+export default function MissingHeaders() {
+  const [Loading, setLoading] = useState<boolean>(false);
+  const RunMissingHeaders = async () => {
+    setLoading(true);
+  };
+  return (
+    // eslint-disable-next-line react/jsx-no-useless-fragment
+    <>
+      {!Loading ? (
+        <Button onClick={RunMissingHeaders}>Process</Button>
+      ) : (
+        <Button disabled>
+          <Loader2 className="mr-2 h-4 w-4 animate-spin" />
+          Please wait
+        </Button>
+      )}
+    </>
+  );
+}

src/renderer/views/project/attacks/potentialXss.tsx

@@ -0,0 +1,23 @@
+import { Loader2 } from 'lucide-react';
+import { useState } from 'react';
+import { Button } from '../../../components/ui/button';
+
+export default function PotentialXss() {
+  const [Loading, setLoading] = useState<boolean>(false);
+  const RunPotentialXss = async () => {
+    setLoading(true);
+  };
+  return (
+    // eslint-disable-next-line react/jsx-no-useless-fragment
+    <>
+      {!Loading ? (
+        <Button onClick={RunPotentialXss}>Process</Button>
+      ) : (
+        <Button disabled>
+          <Loader2 className="mr-2 h-4 w-4 animate-spin" />
+          Please wait
+        </Button>
+      )}
+    </>
+  );
+}

src/renderer/views/project/attacks/sqlInjection.tsx

@@ -0,0 +1,23 @@
+import { Loader2 } from 'lucide-react';
+import { useState } from 'react';
+import { Button } from '../../../components/ui/button';
+
+export default function SqlInjection() {
+  const [Loading, setLoading] = useState<boolean>(false);
+  const RunSqlInjection = async () => {
+    setLoading(true);
+  };
+  return (
+    // eslint-disable-next-line react/jsx-no-useless-fragment
+    <>
+      {!Loading ? (
+        <Button onClick={RunSqlInjection}>Process</Button>
+      ) : (
+        <Button disabled>
+          <Loader2 className="mr-2 h-4 w-4 animate-spin" />
+          Please wait
+        </Button>
+      )}
+    </>
+  );
+}

src/renderer/views/project/jsLeaksJob/Endpoint.tsx

@@ -1,11 +1,26 @@
 import { Loader2 } from 'lucide-react';
 import { useState } from 'react';
 import { Button } from '../../../components/ui/button';
+import { useToast } from '../../../components/ui/use-toast';
+import { ProjectDetails } from '../../../types';
 
-export default function EndPoints() {
+export default function EndPoints(details: ProjectDetails) {
+  const { name } = details;
   const [Loading, setLoading] = useState<boolean>(false);
+  const { toast } = useToast();
   const RunEndPoints = async () => {
     setLoading(true);
+    if (details) {
+      const res = await window.electron.ipcRenderer.invoke('extra-links', {
+        projectName: name,
+      });
+      if (res) {
+        toast({
+          title: 'Endpoints are ready',
+        });
+      }
+    }
+    setLoading(false);
   };
   return (
     // eslint-disable-next-line react/jsx-no-useless-fragment

src/renderer/views/project/jsLeaksJob/secrets.tsx

@@ -1,11 +1,24 @@
 import { Loader2 } from 'lucide-react';
 import { useState } from 'react';
 import { Button } from '../../../components/ui/button';
+import { useToast } from '../../../components/ui/use-toast';
+import { ProjectDetails } from '../../../types';
 
-export default function Secrets() {
+export default function Secrets(details: ProjectDetails) {
+  const { name } = details;
   const [Loading, setLoading] = useState<boolean>(false);
+  const { toast } = useToast();
   const RunSecrets = async () => {
     setLoading(true);
+    const res = await window.electron.ipcRenderer.invoke('find-secrets', {
+      projectName: name,
+    });
+    if (res) {
+      toast({
+        title: 'your Secrets are ready',
+      });
+    }
+    setLoading(false);
   };
   return (
     // eslint-disable-next-line react/jsx-no-useless-fragment