Security Testing and Enumeration of WebSockets
Official repository
To install STEWS you first need to clone the directory.
For the discovery module you need to install the dependencies jq and zgrab2
jq
zgrab2
For jq it is pretty straightforward you just need to sudo apt install jq
sudo apt install jq
For zgrab2 you can download the binary they provide in the documentation. Here is the documentation for STEWS (discovery module), here is the binary.
Take the binary and cp it in your binary folder sudo cp zgrab2 /usr/local/bin
sudo cp zgrab2 /usr/local/bin
Then we can modify the file known-endpoints.txt to add our endpoints.
Finally ./STEWS-discovery.sh
./STEWS-discovery.sh
To install the fingerprinting module you can use pip3 install -r requirements.txt or python3 -m pip install -r requirements.txt
pip3 install -r requirements.txt
python3 -m pip install -r requirements.txt
python3 STEWS-fingerprint.py -v -a -u your-url with -a you will do all tests.
python3 STEWS-fingerprint.py -v -a -u your-url
To install the vuln-detect module you can use pip3 install -r requirements.txt or python3 -m pip install -r requirements.txt
Then use python3 STEWS-vuln-detect.py -h and test out what you wish to do.
python3 STEWS-vuln-detect.py -h
Last updated 2 years ago
git clone https://github.com/PalindromeLabs/STEWS.git
