Cansina – Open Source Hidden Content Discovery Tool on Linux

Reconnaissance is one of the first steps to conduct within a pen test engagement. During this stage, information is gathered using different tools and sources. Some web applications may hide web resources from the public, there is however a way to discover the hidden content. This hidden content can contain some sensitive data about the internal architecture of the web application. Although for detecting this hidden content, we can try the hit and trial method by checking the response code of the request performed on the domain server, this process becomes more complicated if the scope of the application is vast. So we can perform an automation process for discovering the hidden content. Cansina is an automated script developed in the Python language which performs hidden content discovery by using the methodology of request and response. The Cansina tool is open source and free to use.

Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process: Python Installation Steps on Linux

Installation of Cansina Tool on Kali Linux OS

Step 1: Use the following command to install the tool in your Kali Linux operating system.

git clone https://github.com/deibit/cansina

Step 2: Now use the following command to move into the directory of the tool. You have to move in the directory in order to run the tool.

cd cansina

Step 3: You are in the directory of the Cansina. Now you have to install a dependency of the Cansina using the following command.

pip install -r requirements.txt

Step 4: All the dependencies have been installed in your Kali Linux operating system. Now use the following command to run the tool and check the help section.

python3 cansina.py -h

Working with Cansina Tool on Kali Linux OS

Example 1: Simple case

python3 cansina.py -u http://geeksforgeeks.org -p /usr/share/wordlists/dirbuster/directory-list-1.0.txt

In this example, we will make GET requests using 4 threads by default.

Example 2: Banning HTTP response codes to output

python3 cansina.py -u http://geeksforgeeks.org -p /usr/share/wordlists/dirbuster/directory-list-1.0.txt -b 404,400,500

In this example, we have provided the selected codes that will be skipped.

Example 3: Adding a .php extension to every record in payload

python3 cansina.py -u http://geeksforgeeks.org -p /usr/share/wordlists/dirbuster/directory-list-1.0.txt -e php

In this example, we will make all payload entries end with an extension.

Example 4: Adding a list of extensions

python3 cansina.py -u http://geeksforgeeks.org -p /usr/share/wordlists/dirbuster/directory-list-1.0.txt -e php,asp,aspx

In this example, Same as above but will repeat every request for every extension provided.

Example 5: Inspecting content

python3 cansina.py -u http://geeksforgeeks.org -p /usr/share/wordlists/dirbuster/directory-list-1.0.txt -c login

In this example, Cansina tool will report to screen if the content is detected with a response.

Example 6: Filtering by content

python3 cansina.py -u http://geeksforgeeks.org -p /usr/share/wordlists/dirbuster/directory-list-1.0.txt -d 404

In this example, If the content is found it will be processed as a 404 Not Found page.

Example 7: Auto discriminator

python3 cansina.py -u http://geeksforgeeks.org -p /usr/share/wordlists/dirbuster/directory-list-1.0.txt -D

In this example, First, Cansina will try to make and remember a 404 response and will skip similar responses.

Example 8: Size filtering

python3 cansina.py -u http://geeksforgeeks.org -p /usr/share/wordlists/dirbuster/directory-list-1.0.txt -s 1495

In this example, If you don’t want a response and know its size is fixed this could help to skip all those responses.

Example 9: Uppercase all requests

python3 cansina.py -u http://geeksforgeeks.org -p /usr/share/wordlists/dirbuster/directory-list-1.0.txt -U

In this example, Just make every payload UPPERCASE.

Example 10: Threading

python3 cansina.py -u http://geeksforgeeks.org -p /usr/share/wordlists/dirbuster/directory-list-1.0.txt -t8

In this example, Set the threading level which is 4 by default.

Example 11: Change GET -> HEAD requests

python3 cansina.py -u http://geeksforgeeks.org -p /usr/share/wordlists/dirbuster/directory-list-1.0.txt -H

In this example, Make requests using the HEAD HTTP method. Be aware that size and content filtering won’t work.

Example 12: Delay between requests

python3 cansina.py -u http://geeksforgeeks.org -p /usr/share/wordlists/dirbuster/directory-list-1.0.txt -T 1.25

In this example, Set a delay between requests. Time is set in float format. E.g: 1.25 seconds.

Example 13: User-agent

python3 cansina.py -u http://geeksforgeeks.org -p /usr/share/wordlists/dirbuster/directory-list-1.0.txt -a demo

In this example, Set an alternative User-Agent string.

Example 14: Proxy requests

python3 cansina.py -u http://geeksforgeeks.org -p /usr/share/wordlists/dirbuster/directory-list-1.0.txt -P http://127.0.0.1:8080

In this example, a Simple HTTP proxy is set.

Example 15: Basic authentication

python3 cansina.py -u http://geeksforgeeks.org -p /usr/share/wordlists/dirbuster/directory-list-1.0.txt -A user:password

In this example,  we will see tool Manages basic authentication.

Example 16: Resume session

python3 cansina.py -r resume_file.txt

In this example, we will Resume the last interrupted session with all options and payload with the former line number.

Example 17: Parse robots.txt

python3 cansina.py -R

In this example, Cansina will parse the robots.txt file and use it as a payload if it exists.