Recon Tool: Logsensor
Reading Time: 2 Minutes
Description
Logsensor by Mr-Robert0, is a powerful tool designed to help identify login panels and perform POST form SQL injection (SQLi) scanning.
Features
- login panel Scanning for multiple hosts
- Proxy compatibility (http, https)
- Login panel scanning are done in multiprocessing
Login Panel Scanning: Logsensor can scan multiple hosts to identify login panels. This helps in locating web pages that allow users to log in, such as login forms or admin panels.
Proxy Compatibility: It supports both HTTP and HTTPS proxies, allowing users to configure and use proxies during scanning, potentially enhancing anonymity and flexibility.
Multiprocessing: Logsensor employs multiprocessing, enabling it to perform login panel scanning across multiple URLs simultaneously. This approach makes the scanning process faster and more efficient.
See Also: So you want to be a hacker?
Offensive Security Courses
See Also: Offensive Security Tool: PhoneSploit Pro
See Also: Malware Analysis Tool: retoolkit
Quick Tutorial
1. Multiple hosts scanning to detect login panels
- You can increase the threads (default 30)
- only run login detector module
python3 logsensor.py -f <subdomains-list>
python3 logsensor.py -f <subdomains-list> -t 50
python3 logsensor.py -f <subdomains-list> --login
2. Targeted SQLi form scanning
- can provide only specifc url of login panel with –sqli or -s flag for run only SQLi form scanning Module
- turn on the proxy to see the requests
- customize user input name of login panel with actual name (default “username”)
python logsensor.py -u www.example.com/login --sqli
python logsensor.py -u www.example.com/login -s --proxy http://127.0.0.1:8080
python logsensor.py -u www.example.com/login -s --inputname email