Python
  • Blog
  • Contact
    • Overview
    Issues 6

    ADAPT is a tool that performs automated Penetration Testing for WebApps.

    secdec secdec Last update: Feb 22, 2024

    adapt-logo

    Summary

    ADAPT is a tool that performs Automated Dynamic Application Penetration Testing for web applications. It is designed to increase accuracy, speed, and confidence in penetration testing efforts. ADAPT automatically tests for multiple industry standard OWASP Top 10 vulnerabilities, and outputs categorized findings based on these potential vulnerabilities. ADAPT also uses the functionality from OWASP ZAP to perform automated active and passive scans, and auto-spidering. Due to the flexible nature of the ADAPT tool, all of theses features and tests can be enabled or disabled from the configuration file. For more information on tests and configuration, please visit the ADAPT wiki.

    How it Works

    ADAPT uses Python to create an automated framework to use industry standard tools, such as OWASP ZAP and Nmap, to perform repeatable, well-designed procedures with anticipated results to create an easly understandable report listing vulnerabilities detected within the web application.

    Automated Tests:

    * OTG-IDENT-004 – Account Enumeration
* OTG-AUTHN-001 - Testing for Credentials Transported over an Encrypted Channel
* OTG-AUTHN-002 – Default Credentials
* OTG-AUTHN-003 - Testing for Weak lock out mechanism
* OTG-AUTHZ-001 – Directory Traversal
* OTG-CONFIG-002 - Test Application Platform Configuration
* OTG-CONFIG-006 – Test HTTP Methods
* OTG-CRYPST-001 - Testing for Weak SSL/TLS Ciphers, Insufficient Transport Layer Protection
* OTG-CRYPST-002 - Testing for Padding Oracle
* OTG-ERR-001 - Testing for Error Code
* OTG-ERR-002 – Testing for Stack Traces
* OTG-INFO-002 – Fingerprinting the Webserver
* OTG-INPVAL-001 - Testing for Reflected Cross site scripting
* OTG-INPVAL-002 - Testing for Stored Cross site scripting
* OTG-INPVAL-003 – HTTP Verb Tampering
* OTG-SESS-001 - Testing for Session Management Schema
* OTG-SESS-002 – Cookie Attributes

    Installing the Plugin

    1. Detailed install instructions.

    For Developers & Contributors

    ADAPT is an open source software that encourages community collaboration. Collaboration requires cloning the ADAPT repository from https://github.com/secdec/adapt. It is encouraged that a potential contributor clones ADAPT in a UNIX environment. Cloning in a windows environment may disturb the line endings if certain settings are configured such as autocrlf = true. To ensure that this does not occur when working in a Windows based environment locate your global git.config and disable autocrlf.

    License

    Licensed under the Apache-2.0 License.

    Tags:

    Owner

    secdec

    secdec
    GitHub Repository https://github.com/secdec
    Simple prebuilt applications.

    Simple apps for Django projects. Below are a list of per app dependancies: Inlines is a template filter that can be used in conjunction with inline markup to insert content objects into other pieces …

    nathanborror
    1.33K May 11, 2024
    DRF-like declarative viewsets for FastAPI

    Core functionality only (basic viewsets & schema classes): Database tools: Let's create a viewset for managing content posts. It will provide full kit of actions with simple mock data: Pseudocode…

    tinkoffjournal
    67 Nov 17, 2023
    Python ticketing utility for working with tickets in popular tools

    ticketutil is a Python module that allows you to easily interact with various ticketing tools using their REST APIs. Currently, the supported tools are JIRA, RT, Redmine, Bugzilla, and ServiceNow. Al…

    dmranck
    64 May 01, 2024
    HUB REST API Python bindings

    The hub-rest-api-python provides Python bindings for Hub REST API. Introducing the new Client class. In order to provide a more robust long-term connection, faster performance, and an overall better …

    blackducksoftware
    84 Apr 30, 2024
    :evergreen_tree: Python module for communicating with the Taiga API

    Warning

    nephila
    92 Apr 08, 2024
    IDEX v3 Exchange REST API python implementation

    The examples above use the wallet private key when creating the Client to specify which wallet to interact with. IDEX v3 supports the Mumbai testnet as a sandbox to test functionality. For other toke…

    sammchardy
    92 Jan 19, 2024
    Serving a keras model (neural networks) in a website with the python Django-REST framework.
    marcogdepinto
    94 Apr 24, 2024
    Python library to interface with Gerrit's REST API

    Pygerrit2 is tested on the following platforms and Python versions: Support for Python 2.x is no longer guaranteed. To install pygerrit2, simply: This simple example shows how to get the user's open …

    dpursehouse
    95 Apr 12, 2024
    Code repository for Building RESTful Python Web Services, published by Packt

    All of the code is organized into folders. Each folder starts with a number followed by the application name. For example, Chapter02. The code will look like the following: In order to work with the …

    PacktPublishing
    116 Mar 25, 2023
    ⛔️ [DEPRECATED] python wrapper for Firebase's REST API

    A very simple wrapper for Firebase's REST API. Install python-firebase using pip: or with easy_install (not recommended): Then simply import firebase at the top of your python script: and then instan…

    mikexstudios
    118 Sep 14, 2023

    Subscribe to our newsletter