Recon Tool: Logsensor

Reading Time: 2 Minutes

Description

Logsensor by Mr-Robert0, is a powerful tool designed to help identify login panels and perform POST form SQL injection (SQLi) scanning.

Features

• login panel Scanning for multiple hosts
• Proxy compatibility (http, https)
• Login panel scanning are done in multiprocessing

Login Panel Scanning: Logsensor can scan multiple hosts to identify login panels. This helps in locating web pages that allow users to log in, such as login forms or admin panels.

Proxy Compatibility: It supports both HTTP and HTTPS proxies, allowing users to configure and use proxies during scanning, potentially enhancing anonymity and flexibility.

Multiprocessing: Logsensor employs multiprocessing, enabling it to perform login panel scanning across multiple URLs simultaneously. This approach makes the scanning process faster and more efficient.

Installation

git clone https://github.com/Mr-Robert0/Logsensor.git

cd Logsensor && sudo chmod +x logsensor.py install.sh

pip install -r requirements.txt

./install.sh

Dependencies

• re
• bs4
• termcolor
• argparse
• tabulate
• requests

Quick Tutorial

1. Multiple hosts scanning to detect login panels

• You can increase the threads (default 30)
• only run login detector module

python3 logsensor.py -f <subdomains-list>

python3 logsensor.py -f <subdomains-list> -t 50

python3 logsensor.py -f <subdomains-list> --login

2. Targeted SQLi form scanning

• can provide only specifc url of login panel with –sqli or -s flag for run only SQLi form scanning Module
• turn on the proxy to see the requests
• customize user input name of login panel with actual name (default “username”)

python logsensor.py -u www.example.com/login --sqli

python logsensor.py -u www.example.com/login -s --proxy http://127.0.0.1:8080

python logsensor.py -u www.example.com/login -s --inputname email

View help

Screenshots

Clone the repo from here: GitHub Link