STEWS
Security Testing and Enumeration of WebSockets
To install STEWS you first need to clone the directory.
Discovery
For the discovery module you need to install the dependencies
jq
andzgrab2
For
jq
it is pretty straightforward you just need tosudo apt install jq
For
zgrab2
you can download the binary they provide in the documentation. Here is the documentation for STEWS (discovery module), here is the binary.Take the binary and cp it in your binary folder
sudo cp zgrab2 /usr/local/bin
Then we can modify the file known-endpoints.txt to add our endpoints.
Finally
./STEWS-discovery.sh
Fingerprinting
To install the fingerprinting module you can use
pip3 install -r requirements.txt
orpython3 -m pip install -r requirements.txt
python3 STEWS-fingerprint.py -v -a -u your-url
with -a you will do all tests.
Vulnerability Detection
To install the vuln-detect module you can use
pip3 install -r requirements.txt
orpython3 -m pip install -r requirements.txt
Then use
python3 STEWS-vuln-detect.py -h
and test out what you wish to do.
Last updated