#!/usr/bin/perl # By NaN # # Requirements: # aha https://github.com/masukomi/aha # sslscan https://github.com/rbsec/sslscan # testssl https://github.com/drwetter/testssl.sh # securityheaders https://github.com/juerkkil/securityheaders use strict; use warnings; my $sslscan = "sslscan"; # command or path to sslscan my $testssl = "/opt/testssl.sh/testssl.sh"; # command or path to testssl.sh my $headers = "/opt/securityheaders/securityheaders.py"; # securityheaders my $aha = "aha"; # command or path to aha my $browser = "thunar"; # your file browser - remove to disable if($#ARGV < 1){ print "Check Headers and SSL v0.1\n"; print "Usage: ./CHaS.pl </full/directory/path> <https://www.url.com>\n"; exit(-1); }else{ my $dir = $ARGV[0]; my $url = $ARGV[1]; my @children_pids; if($url =~ /^(?:(?:https?|s))/i){}else{ die "[!] Not a valid URL!\n"; } print "[i] Directory: $dir \n"; print "[i] URL: $url \n"; print "[+] Creating Directory\n"; unless(mkdir($dir, 0755)) { die "[!] Unable to create!\n"; } my $pid = fork(); if( $pid == 0 ){ push @children_pids, $pid; print "[+] Launching SSLScan\n"; system("$sslscan $url | aha >$dir/sslscan.html"); print "[+] Finished SSLScan\n"; exit 0; } my $pid2 = fork(); if( $pid2 == 0 ){ push @children_pids, $pid2; print "[+] Launching testssl.sh\n"; system("$testssl $url | aha >$dir/testssl.html"); print "[+] Finished testssl.sh\n"; exit 0; } my $pid3 = fork(); if( $pid3 == 0 ){ push @children_pids, $pid3; print "[+] Checking Headers\n"; system(" echo \"curl -Is --insecure $url\n\" > $dir/headers.txt"); system("curl -Is --insecure $url >> $dir/headers.txt"); system("python $headers $url | aha >$dir/headers.html"); print "[+] Finished Headers\n"; exit 0; } my $loop = 1; $SIG{CHLD} = 'DEFAULT'; # turn off auto reaper $SIG{INT} = $SIG{TERM} = sub {$loop = 0; kill -15 => @children_pids}; while ($loop && getppid() != 1) { my $child = waitpid(-1, 0); last if $child == -1; } if( length $browser ){ print "[!] Launching file browser\n"; system("$browser $dir &"); }else{ print "[!] Complete\n"; } exit(); }