Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

Overview

WitnessMe

WitnessMe

WitnessMe is primarily a Web Inventory tool inspired by Eyewitness, its also written to be extensible allowing you to create custom functionality that can take advantage of the headless browser it drives in the back-end.

WitnessMe uses the Pyppeteer library to drive Headless Chromium.

Sponsors

Table of Contents

Motivation

Are there are a bunch of other tools that do this? Absolutely. See the following projects for alternatives (I'm sure there are more, these are the ones I've personally tried):

The reason why I wrote WitnessMe was that none of these projects had all of the features I wanted/needed in order for them to work well within my workflow. Additionally, some of them are prone to a decent amount of installation/dependency hell.

Here are some of the main features that make WitnessMe "stand out":

  • Written in Python 3.7+
  • Ability to parse extremely large Nessus and NMap XML files
  • Docker compatible
  • No installation/dependency hell
  • Full test suite! Everything is less prone to bugs
  • CSV & HTML reporting
  • HTTP Proxy Support
  • Provides a RESTful API! Scan stuff remotely!
  • CLI interface to view and search scan results without having to view the reports.
  • Signature scanning (Signatures use YAML files)
  • Preview screenshots directly in the terminal (On MacOSX/ITerm2 and some Nix terminals)
  • Extensibly written, allowing you to add functionality that can take advantage of headless chromium.
  • Built to be deployed to the Clouds (e.g. GCP Cloud Run , AWS ElasticBeanstalk etc...)

Official Discord Channel

Come hang out on Discord!

Porchetta Industries

Installation

Docker

Running WitnessMe from a Docker container is fully supported and is the easiest/recommended way of using the tool.

Note: it is highly recommended to give the Docker container at least 4GB of RAM during large scans as Chromium can be a resource hog. If you keep running into "Page Crash" errors, it's because your container does not have enough memory. On Mac/Windows you can change this by clicking the Docker Task Bar Icon -> Preferences -> Resources. For Linux, refer to Docker's documentation

Pull the image from Docker Hub:

docker pull byt3bl33d3r/witnessme

You can then spin up a docker container, run it like the main witnessme script and pass it the same arguments:

docker run --rm -ti $IMAGE_ID screenshot https://google.com 192.168.0.1/24

Alternatively, you can drop into a shell within the container and run the tools that way. This also allows you to execute the wmdb and wmapi scripts.

docker run --rm -ti --entrypoint=/bin/sh $IMAGE_ID

Python Package

WitnessMe is also available as a Python package (Python 3.7 or above is required). If you do install it this way it is extremely recommended to use pipx as it takes care of installing everything in isolated environments for you in a seamless manner.

Run the following commands:

python3 -m pip install --user pipx
pipx install witnessme

All of the WitnessMe scripts should now be in your PATH and ready to go.

Development Install

You really should only install WitnessMe this way if you intend to hack on the source code. You're going to Python 3.7+ and Poetry: please refer to the Poetry installation documentation in order to install it.

git clone https://github.com/byt3bl33d3r/WitnessMe && cd WitnessMe
poetry install

Quick Starts

Finding F5 Load Balancers Vulnerable to CVE-2020-5902

Install WitnessMe using Docker:

docker pull byt3bl33d3r/witnessme

Get the $IMAGE_ID from the docker images command output, then run the following command to drop into a shell inside the container. Additionally, specify the -v flag to mount the current directory inside the container at the path /transfer in order to copy the scan results back to your host machine (if so desired):

docker run -it --entrypoint=/bin/sh -v $(pwd):/transfer $IMAGE_ID

Scan your network using WitnessMe, it can accept multiple .Nessus files, Nmap XMLs, IP ranges/CIDRs. Example:

witnessme screenshot 10.0.1.0/24 192.168.0.1-20 ~/my_nessus_scan.nessus ~/my_nmap_scan.xml

After the scan is finished, a folder will have been created in the current directory with the results. Access the results using the wmdb command line utility:

wmdb scan_2020_$TIME/

To quickly identify F5 load balancers, first perform a signature scan using the scan command. Then search for "BIG-IP" or "F5" using the servers command (this will search for the "BIG-IP" and "F5" string in the signature name, page title and server header):

image

Additionally, you can generate an HTML or CSV report using the following commands:

WMDB ≫ generate_report html
WMDB ≫ generate_report csv

You can then copy the entire scan folder which will contain all of the reports and results to your host machine by copying it to the /transfer folder.

Scraping Javascript Heavy Webpages

As of v1.5.0, WitnessMe has a grab command which allows you to quickly scrape Javascript heavy webpages by rendering the page first with Headless Chromium and then parsing the resulting HTML using the specified XPath (see here for an XPath cheatsheet).

Below are a few examples to get your started.

This grabs a list of all advertised domains on the 144.161.160.0/23 subnet from Hurricane Electric's BGP Toolkit:

witnessme -d grab -x '//div[@id="dns"]/table//tr/td[2]/a/text()' https://bgp.he.net/net/144.161.160.0/23#_dns

RESTful API

As of version 1.0, WitnessMe has a RESTful API which allows you to interact with the tool remotely.

Note: Currently, the API does not implement any authentication mechanisms. Make sure to allow/deny access at the transport level

To start the RESTful API for testing/development purposes run :

wmapi

The API documentation will then be available at http://127.0.0.1:8000/docs

Uvicorn should be used to enable SSL and run the API in production. See this dockerfile for an example.

Deploying to the Cloud (™)

Since WitnessMe has a RESTful API now, you can deploy it to the magical cloud and perform scanning from there. This would have a number of benefits, including giving you a fresh external IP on every scan (More OPSEC safe when assessing attack surface on Red Teams).

There are a number of ways of doing this, you can obviously do it the traditional way (e.g. spin up a machine, install docker etc..).

Recently cloud service providers started offering ways of running Docker containers directly in a fully managed environment. Think of it as serverless functions (e.g. AWS Lambdas) only with Docker containers.

This would technically allow you to really quickly deploy and run WitnessMe (or really anything in a Docker container) without having to worry about underlying infrastructure and removes a lot of the security concerns that come with that.

Below are some of the ones I've tried along with the steps necessary to get it going and any issues I encountered.

GCP Cloud Run

Unfortunately, it seems like Cloud Run doesn't allow outbound internet access to containers, if anybody knows of a way to get around this please get in touch

Cloud Run is by far the easiest of these services to work with.

This repository includes the cloudbuild.yaml file necessary to get this setup and running.

From the repositories root folder (after you authenticated and setup a project), these two commands will automatically build the Docker image, publish it to the Gcloud Container Registry and deploy a working container to Cloud Run:

gcloud builds submit --config cloudbuild.yaml
gcloud run deploy --image gcr.io/$PROJECT_ID/witnessme --platform managed

The output will give you a HTTPS url to invoke the WitnessMe RESTful API from :)

When you're done:

gcloud run services delete witnessme
gcloud container images delete gcr.io/$PROJECT_ID/witnessme

AWS ElasticBeanstalk

TO DO

Usage

There are 3 main utilities:

  • witnessme: is the main CLI interface.
  • wmdb: allows you to browse the database (created on each scan) to view results and generate reports.
  • wmapi: provides a RESTful API to schedule, start, stop and monitor scans.

Modes of Operations

As of v1.5.0 there are two main modes (commands) that the witnessme utility Supports:

  • The screenshot command, you guessed it, screenshots webpages. This is the main functionality.
  • The grab command allows you to scrape pages and quickly grab server headers.
usage: witnessme [-h] [--threads THREADS] [--timeout TIMEOUT] [-d] [-v] {screenshot,grab} ...

WitnessMe!

positional arguments:
  {screenshot,grab}

optional arguments:
  -h, --help         show this help message and exit
  --threads THREADS  Number of concurrent browser tab(s) to open
                     [WARNING: This can cause huge RAM consumption if set to high values] (default: 15)
  --timeout TIMEOUT  Timeout for each connection attempt in seconds (default: 15)
  -d, --debug        Enable debug output (default: False)
  -v, --version      show program's version number and exit

Screenshot Mode

$ witnessme screenshot --help
usage: witnessme screenshot [-h] [-p PORTS [PORTS ...]] target [target ...]

positional arguments:
  target                The target IP(s), range(s), CIDR(s) or hostname(s), NMap XML file(s), .Nessus file(s)

optional arguments:
  -h, --help            show this help message and exit
  -p PORTS [PORTS ...], --ports PORTS [PORTS ...]
                        Ports to scan if IP Range/CIDR is provided

Can accept a mix of .Nessus file(s), Nmap XML file(s), files containing URLs and/or IPs, IP addresses/ranges/CIDRs and URLs or alternatively read from stdin.

Note: WitnessMe detects .Nessus and NMap files by their extension so make sure Nessus files have a .nessus extension and NMap scans have a .xml extension

Long story short, should be able to handle anything you throw at it:

witnessme screenshot 192.168.1.0/24 192.168.1.10-20 https://bing.com ~/my_nessus_scan.nessus ~/my_nmap_scan.xml ~/myfilewithURLSandIPs
$ cat my_domain_list.txt | witnessme screenshot -

If an IP address/range/CIDR is specified as a target, WitnessMe will attempt to screenshot HTTP & HTTPS pages on ports 80, 8080, 443, 8443 by default. This is customizable with the --port argument.

Once a scan is completed, a folder with all the screenshots and a database will be in the current directory, point wmdb to the folder in order to see the results.

wmdb scan_2019_11_05_021237/

Grab Mode

$ witnessme grab --help
usage: witnessme grab [-h] [-x XPATH | -l] target [target ...]

positional arguments:
  target                The target IP(s), range(s), CIDR(s) or hostname(s), NMap XML file(s), .Nessus file(s)

optional arguments:
  -h, --help            show this help message and exit
  -x XPATH, --xpath XPATH
                        XPath to use
  -l, --links           Get all links

The grab subcommand allows you to render Javascript heavy webpages and scrape their content using XPaths. See this section for some examples.

Interacting with the Scan Database

Once a scan is completed (using the screenshot mode), a folder with all the screenshots and a database will be in the current directory, point wmdb to the folder in order to see the results.

wmdb scan_2019_11_05_021237/

This will drop you into the WMDB CLI menu.

Pressing tab will show you the available commands and a help menu:

Tab

The servers and hosts commands in the wmdb CLI accept 1 argument. WMCLI is smart enough to know what you're trying to do with that argument

Server Command

No arguments will show all discovered servers. Passing it an argument will search the title and server columns for that pattern (it's case insensitive).

For example if you wanted to search for all discovered Apache Tomcat servers:

  • servers tomcat or servers 'apache tomcat'

Similarly if you wanted to find servers with a 'login' in the title:

  • servers login

Hosts Command

No arguments will show all discovered hosts. Passing it an argument will search the IP and Hostname columns for that pattern (it's case insensitive). If the value corresponds to a Host ID it will show you the host information and all of the servers discovered on that host which is extremely useful for reporting purposes and/or when targeting specific hosts.

Signature Scan

You can perform a signature scan on all discovered services using the scan command.

Generating Reports

You can use the generate_report command in the wmdb cli to generate reports in HTML or CSV format. To generate a HTML report simply run generate_report without any arguments. Here's an example of what it'll look like:

image

To generate a CSV report:

WMDB ≫ generate_report csv

The reports will then be available in the scan folder.

Proxying

As of v1.5 WitnessMe supports proxying all of its traffic through an HTTP proxy. Specify a HTTP_PROXY environment variable to force the underlying headless browser to proxy its traffic through the desired host:

HTTP_PROXY=http://127.0.0.1:8080 witnessme screenshot ~/my_targets.txt
HTTP_PROXY=http://127.0.0.1:8080 witnessme grab https://www.google.com

Preview Screenshots Directly in the Terminal

Note: this feature will only work if you're on MacOSX and using ITerm2

You can preview screenshots directly in the terminal using the show command:

ScreenPreview

Writing Signatures

If you run into a new webapp write a signature for it! It's beyond simple and they're all in YAML!

Don't believe me? Here's the AirOS signature (you can find them all in the signatures directory):

credentials:
- password: ubnt
  username: ubnt
name: AirOS
signatures:
- airos_logo.png
- form enctype="multipart/form-data" id="loginform" method="post"
- align="center" class="loginsubtable"
- function onLangChange()
# AirOS ubnt/ubnt

Yup that's it. Just plop it in the signatures folder and POW! Done.

Comments
  • Error taking screenshot: expected string or bytes-like object

    Error taking screenshot: expected string or bytes-like object

    I'll started WitnessMe with a .nessus file, but I receive the error

    Error taking screenshot: expected string or bytes-like object

    Screenshot: https://monosnap.com/file/OofiFk9CJ4JSLOr8dJX17x8rFon9kY

    Moar info required tovarish 
    opened by ghost 14
  • Error calling command 'scan': module 'yaml' has no attribute 'CLoader'

    Error calling command 'scan': module 'yaml' has no attribute 'CLoader'

    The working environment is Mac OS.

    WMDB ≫ scan 1 Traceback (most recent call last): File "wmdb.py", line 239, in cmdloop await self.scan() File "wmdb.py", line 197, in scan self.signatures.load() File "/Users/[redacted]/opt/WitnessMe/witnessme/signatures.py", line 15, in load self.signatures.append(yaml.load(sig, Loader=yaml.CLoader)) AttributeError: module 'yaml' has no attribute 'CLoader' Error calling command 'scan': module 'yaml' has no attribute 'CLoader'

    Moar info required tovarish 
    opened by sdcampbell 7
  • Connection to Chrome/Chromium times out after 1k-ish screenshots?

    Connection to Chrome/Chromium times out after 1k-ish screenshots?

    So apparently, there's yet another websocket connection bug in pyppeteer. Seems that after 400ish screenshots the connection to chrome just dies. :( https://github.com/miyakogi/pyppeteer/issues/149

    Tried some of the proposed fixes but none of them worked for me.

    [E:pyppeteer.connection] connection unexpectedly closed
    2019-11-10 23:19:09,304 [ERROR] - base_events.py: default_exception_handler - Task exception was never retrieved
    future: <Task finished name='Task-7697' coro=<Connection._async_send() done, defined at /home/bhis/.local/share/virtualenvs/WitnessMe-QFMsedki/lib/python3.8/site-packages/pyppeteer/connection.py:69> exception=InvalidStateError('invalid state')>
    Traceback (most recent call last):
      File "/home/bhis/.local/share/virtualenvs/WitnessMe-QFMsedki/lib/python3.8/site-packages/websockets/protocol.py", line 827, in transfer_data
        message = await self.read_message()
      File "/home/bhis/.local/share/virtualenvs/WitnessMe-QFMsedki/lib/python3.8/site-packages/websockets/protocol.py", line 895, in read_message
        frame = await self.read_data_frame(max_size=self.max_size)
      File "/home/bhis/.local/share/virtualenvs/WitnessMe-QFMsedki/lib/python3.8/site-packages/websockets/protocol.py", line 971, in read_data_frame
        frame = await self.read_frame(max_size)
      File "/home/bhis/.local/share/virtualenvs/WitnessMe-QFMsedki/lib/python3.8/site-packages/websockets/protocol.py", line 1047, in read_frame
        frame = await Frame.read(
      File "/home/bhis/.local/share/virtualenvs/WitnessMe-QFMsedki/lib/python3.8/site-packages/websockets/framing.py", line 105, in read
        data = await reader(2)
      File "/home/bhis/.pyenv/versions/3.8.0/lib/python3.8/asyncio/streams.py", line 738, in readexactly
        raise exceptions.IncompleteReadError(incomplete, n)
    asyncio.exceptions.IncompleteReadError: 0 bytes read on a total of 2 expected bytes
    
    The above exception was the direct cause of the following exception:
    
    Traceback (most recent call last):
      File "/home/bhis/.local/share/virtualenvs/WitnessMe-QFMsedki/lib/python3.8/site-packages/pyppeteer/connection.py", line 73, in _async_send
        await self.connection.send(msg)
      File "/home/bhis/.local/share/virtualenvs/WitnessMe-QFMsedki/lib/python3.8/site-packages/websockets/protocol.py", line 555, in send
        await self.ensure_open()
      File "/home/bhis/.local/share/virtualenvs/WitnessMe-QFMsedki/lib/python3.8/site-packages/websockets/protocol.py", line 803, in ensure_open
        raise self.connection_closed_exc()
    websockets.exceptions.ConnectionClosedError: code = 1006 (connection closed abnormally [internal]), no reason
    
    During handling of the above exception, another exception occurred:
    
    Traceback (most recent call last):
      File "/home/bhis/.local/share/virtualenvs/WitnessMe-QFMsedki/lib/python3.8/site-packages/pyppeteer/connection.py", line 79, in _async_send
        await self.dispose()
      File "/home/bhis/.local/share/virtualenvs/WitnessMe-QFMsedki/lib/python3.8/site-packages/pyppeteer/connection.py", line 170, in dispose
        await self._on_close()
      File "/home/bhis/.local/share/virtualenvs/WitnessMe-QFMsedki/lib/python3.8/site-packages/pyppeteer/connection.py", line 151, in _on_close
        cb.set_exception(_rewriteError(
    asyncio.exceptions.InvalidStateError: invalid state
    
    bug 
    opened by byt3bl33d3r 7
  • TypeError when parsing nmap file

    TypeError when parsing nmap file

    The following error is thrown when an nmap XML is given as input :

      File "/home/neo/.local/pipx/venvs/witnessme/lib/python3.8/site-packages/witnessme/parsers.py", line 109, in parser_callback
        if port["@protocol"] == "tcp" and port["state"]["@state"] == "open":
    TypeError: string indices must be integers
    
    bug 
    opened by pwnfoo 6
  • Errors during nmap XML parsing

    Errors during nmap XML parsing

    I was attempting to run WitnessMe with a large nmap XML file for the top 1000 ports in a certain range. When passing this to WitnessMe (using both pipx and docker) I received the following error:

    # docker run -it --entrypoint=/bin/sh -v $(pwd):/transfer a45ee02a44c1
    $ witnessme screenshot /transfer/top1000.xml
    [witnessme.screenshot] INFO - Starting scan 593de326-9a88-4ee1-9701-305af0bfb66b
    Task exception was never retrieved
    future: <Task finished name='Task-3' coro=<HeadlessChromium.target_producer() done, defined at /home/appuser/.local/lib/python3.8/site-packages/witnessme/headlessbrowser.py:64> exception=KeyError('port')>
    Traceback (most recent call last):
      File "/home/appuser/.local/lib/python3.8/site-packages/witnessme/headlessbrowser.py", line 66, in target_producer
        for url in generated_targets:
      File "/home/appuser/.local/lib/python3.8/site-packages/witnessme/parsers.py", line 198, in generate
        for url in generated_urls:
      File "/home/appuser/.local/lib/python3.8/site-packages/witnessme/parsers.py", line 85, in __enter__
        xmltodict.parse(
      File "/home/appuser/.local/lib/python3.8/site-packages/xmltodict.py", line 325, in parse
        parser.ParseFile(xml_input)
      File "/usr/src/python/Modules/pyexpat.c", line 461, in EndElement
      File "/home/appuser/.local/lib/python3.8/site-packages/xmltodict.py", line 126, in endElement
        should_continue = self.item_callback(self.path, item)
      File "/home/appuser/.local/lib/python3.8/site-packages/witnessme/parsers.py", line 108, in parser_callback
        ports = item["ports"]["port"]
    KeyError: 'port'
    

    I was able to use gowitness and it parsed the file normally, so I believe this has something to do with how WitnessMe handles nmap XML parsing.

    bug 
    opened by sebrink 5
  • Adding --no-sandbox param to the pyppeteer

    Adding --no-sandbox param to the pyppeteer

    When you try to run witness me with root user, pyppeteer will be ignoring to initiate chrome process. In order to avoid from that, we gotta pass args=['--no-sandbox'] to launch() function.

    https://github.com/byt3bl33d3r/WitnessMe/blob/c8086041a418026b1b4b13afeb253ee6cdcef188/witnessme.py#L139

    I do propose following fix. I've tested it on locally.

    browser = await pyppeteer.launch(headless=True, ignoreHTTPSErrors=True, args=['--no-sandbox'])
    
    duplicate 
    opened by mdisec 4
  • Doesn't recognize file with urls

    Doesn't recognize file with urls

    Hi, I'm trying to feed it a plain file with urls but it appears it's trying to resolve the filename instead of the actual urls in the file.

     ⚡ root@kali ~/tools/witnessme docker run --rm -ti 0c2b4fbab0b3 /tmp/domains
    [witnessme.utils] DEBUG - Patching pyppeteer...
    [witnessme.scan] DEBUG - Waiting for queue to populate...
    [witnessme.parsers] DEBUG - Detected IP Address/Range/CIDR, hostname or URL as a target
    [witnessme.scan] INFO - Starting headless browser
    [witnessme.scan] INFO - Using 8 worker thread(s)
    [witnessme.scan] ERROR - Error taking screenshot: net::ERR_NAME_NOT_RESOLVED at http:///tmp/domains:8080
    [witnessme.scan] ERROR - Error taking screenshot: net::ERR_NAME_NOT_RESOLVED at http:///tmp/domains:443
    [witnessme.scan] ERROR - Error taking screenshot: net::ERR_NAME_NOT_RESOLVED at http:///tmp/domains:8443
    [witnessme.scan] ERROR - Error taking screenshot: net::ERR_NAME_NOT_RESOLVED at https:///tmp/domains:80
    [witnessme.scan] ERROR - Error taking screenshot: net::ERR_NAME_NOT_RESOLVED at https:///tmp/domains:8080
    [witnessme.scan] ERROR - Error taking screenshot: net::ERR_NAME_NOT_RESOLVED at https:///tmp/domains:443
    [witnessme.scan] ERROR - Error taking screenshot: net::ERR_NAME_NOT_RESOLVED at http:///tmp/domains:80
    [witnessme.scan] ERROR - Error taking screenshot: net::ERR_NAME_NOT_RESOLVED at https:///tmp/domains:8443
    [witnessme.scan] INFO - Killing headless browser
    
    Moar info required tovarish 
    opened by bluecanarybe 3
  • websocket installation fails during pipenv install --three

    websocket installation fails during pipenv install --three

    I am trying to add WitnessMe to the SamuraiWTF build. We are getting a failure during the set up from pipenv failing to find a matching version of websockets.

    Basically the error is:

    "ERROR: Could not find a version that satisfies the requirement websocket==8.1" It then lists "from versions" and that only goes to 7.0. This is a Debian system from SamuraiWTF

    opened by secureideas 3
  • Ability to output to CSV or XML --feature request

    Ability to output to CSV or XML --feature request

    The tool makes a very useful graph output. Would it be possible to leverage it in another format that is shareable to people that don't have WitnessMe installed?

    Specifically, I was hoping for a CSV or XML output.

    enhancement 
    opened by nullenc0de 2
  • PermissionError: [Errno 13] Permission denied: in docker container

    PermissionError: [Errno 13] Permission denied: in docker container

    Hi, i run docker with docker run --rm -ti --entrypoint=/bin/sh $IMAGE_ID but, i don't have enough rights to run witnessme screenshot https://google.com, how to fix it?

    $ witnessme screenshot https://google.com
    [witnessme.screenshot] INFO - Starting scan 0ba5b46f-4349-4535-a3ab-1dd522fa9373
    Traceback (most recent call last):
      File "/home/appuser/.local/bin/witnessme", line 8, in <module>
        sys.exit(run())
      File "/home/appuser/.local/lib/python3.8/site-packages/witnessme/console/witnessme.py", line 113, in run
        args.func(args)
      File "/home/appuser/.local/lib/python3.8/site-packages/witnessme/utils.py", line 41, in wrapper
        return asyncio.run(f(*args, **kwargs))
      File "/usr/local/lib/python3.8/asyncio/runners.py", line 44, in run
        return loop.run_until_complete(main)
      File "/usr/local/lib/python3.8/asyncio/base_events.py", line 616, in run_until_complete
        return future.result()
      File "/home/appuser/.local/lib/python3.8/site-packages/witnessme/console/witnessme.py", line 19, in screenshot
        await cmd.start()
      File "/home/appuser/.local/lib/python3.8/site-packages/witnessme/commands/screenshot.py", line 128, in start
        await self._scan_task
      File "/home/appuser/.local/lib/python3.8/site-packages/witnessme/commands/screenshot.py", line 114, in setup_and_run
        os.mkdir(self.report_folder)
    PermissionError: [Errno 13] Permission denied: 'scan_2022_02_22_180619'
    
    
    opened by ghost 1
  • Bump lxml from 4.5.2 to 4.6.5

    Bump lxml from 4.5.2 to 4.6.5

    Bumps lxml from 4.5.2 to 4.6.5.

    Changelog

    Sourced from lxml's changelog.

    4.6.5 (2021-12-12)

    Bugs fixed

    • A vulnerability (GHSL-2021-1038) in the HTML cleaner allowed sneaking script content through SVG images.

    • A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed sneaking script content through CSS imports and other crafted constructs.

    4.6.4 (2021-11-01)

    Features added

    • GH#317: A new property system_url was added to DTD entities. Patch by Thirdegree.

    • GH#314: The STATIC_* variables in setup.py can now be passed via env vars. Patch by Isaac Jurado.

    4.6.3 (2021-03-21)

    Bugs fixed

    • A vulnerability (CVE-2021-28957) was discovered in the HTML Cleaner by Kevin Chung, which allowed JavaScript to pass through. The cleaner now removes the HTML5 formaction attribute.

    4.6.2 (2020-11-26)

    Bugs fixed

    • A vulnerability (CVE-2020-27783) was discovered in the HTML Cleaner by Yaniv Nizry, which allowed JavaScript to pass through. The cleaner now removes more sneaky "style" content.

    4.6.1 (2020-10-18)

    ... (truncated)

    Commits
    • a9611ba Fix a test in Py2.
    • a3eacbc Prepare release of 4.6.5.
    • b7ea687 Update changelog.
    • 69a7473 Cleaner: cover some more cases where scripts could sneak through in specially...
    • 54d2985 Fix condition in test decorator.
    • 4b220b5 Use the non-depcrecated TextTestResult instead of _TextTestResult (GH-333)
    • d85c6de Exclude a test when using the macOS system libraries because it fails with li...
    • cd4bec9 Add macOS-M1 as wheel build platform.
    • fd0d471 Install automake and libtool in macOS build to be able to install the latest ...
    • f233023 Cleaner: Remove SVG image data URLs since they can embed script content.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump certifi from 2020.6.20 to 2022.12.7

    Bump certifi from 2020.6.20 to 2022.12.7

    Bumps certifi from 2020.6.20 to 2022.12.7.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump lxml from 4.5.2 to 4.9.1

    Bump lxml from 4.5.2 to 4.9.1

    Bumps lxml from 4.5.2 to 4.9.1.

    Changelog

    Sourced from lxml's changelog.

    4.9.1 (2022-07-01)

    Bugs fixed

    • A crash was resolved when using iterwalk() (or canonicalize()) after parsing certain incorrect input. Note that iterwalk() can crash on valid input parsed with the same parser after failing to parse the incorrect input.

    4.9.0 (2022-06-01)

    Bugs fixed

    • GH#341: The mixin inheritance order in lxml.html was corrected. Patch by xmo-odoo.

    Other changes

    • Built with Cython 0.29.30 to adapt to changes in Python 3.11 and 3.12.

    • Wheels include zlib 1.2.12, libxml2 2.9.14 and libxslt 1.1.35 (libxml2 2.9.12+ and libxslt 1.1.34 on Windows).

    • GH#343: Windows-AArch64 build support in Visual Studio. Patch by Steve Dower.

    4.8.0 (2022-02-17)

    Features added

    • GH#337: Path-like objects are now supported throughout the API instead of just strings. Patch by Henning Janssen.

    • The ElementMaker now supports QName values as tags, which always override the default namespace of the factory.

    Bugs fixed

    • GH#338: In lxml.objectify, the XSI float annotation "nan" and "inf" were spelled in lower case, whereas XML Schema datatypes define them as "NaN" and "INF" respectively.

    ... (truncated)

    Commits
    • d01872c Prevent parse failure in new test from leaking into later test runs.
    • d65e632 Prepare release of lxml 4.9.1.
    • 86368e9 Fix a crash when incorrect parser input occurs together with usages of iterwa...
    • 50c2764 Delete unused Travis CI config and reference in docs (GH-345)
    • 8f0bf2d Try to speed up the musllinux AArch64 build by splitting the different CPytho...
    • b9f7074 Remove debug print from test.
    • b224e0f Try to install 'xz' in wheel builds, if available, since it's now needed to e...
    • 897ebfa Update macOS deployment target version from 10.14 to 10.15 since 10.14 starts...
    • 853c9e9 Prepare release of 4.9.0.
    • d3f77e6 Add a test for https://bugs.launchpad.net/lxml/+bug/1965070 leaving out the a...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump pycares from 3.1.1 to 4.2.0

    Bump pycares from 3.1.1 to 4.2.0

    Bumps pycares from 3.1.1 to 4.2.0.

    Release notes

    Sourced from pycares's releases.

    4.2.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/saghul/pycares/compare/pycares-4.1.2...pycares-4.2.0

    4.1.2

    Added support for Python 3.10.

    4.1.1

    Added support for Python 3.10.

    4.1.0

    Add support for Python 3.10.

    4.0.0

    • core: add support for CAA queries
    • core: add support for getaddrinfo()
    • doc: update README
    • core: add ability to use the system installed c-ares
    • misc: set version to 4.0.0
    • test: remove TTL tests
    • core: update c-ares and use a submodule
    • core: drop bundled c-ares version
    • misc: drop tasks.py

    3.2.3

    No release notes provided.

    3.2.2

    • Publish aarch64 wheels

    3.2.1

    No release notes provided.

    3.2.0

    • misc: add Python 3.9 classifier
    • core: drop py3.5 from CI and documentation
    • ci: run tests in Python 3.9
    • ci: fix SDK path in appveyor
    • ci: fix VS linker in appveyor
    • ci: update python installer script in appveyor
    • misc: add compiled windows dll to gitignore
    • test: skip SOA non-ascii test due to changes in remote host
    • test: fix broken chunked TXT test due to changes in remote host
    • test: skip ANY test due to problems with mac
    • ci: add action to release wheels to PyPi

    ... (truncated)

    Changelog

    Sourced from pycares's changelog.

    No longer updated. Please check the commits.

    Version 4.0.0

    • doc: uppdate README
    • core: add support for CAA queries
    • core: add support for getaddrinfo()
    • doc: update README
    • core: add ability to use the system installed c-ares
    • misc: set version to 4.0.0
    • test: remove TTL tests
    • core: update c-ares and use a submodule
    • core: drop bundled c-ares version
    • misc: drop tasks.py

    Version 3.2.0

    • misc: add Python 3.9 classifier
    • core: drop py3.5 from CI and documentation
    • ci: run tests in Python 3.9
    • ci: fix SDK path in appveyor
    • ci: fix VS linker in appveyor
    • ci: update python installer script in appveyor
    • misc: add compiled windows dll to gitignore
    • test: skip SOA non-ascii test due to changes in remote host
    • test: fix broken chunked TXT test due to changes in remote host
    • test: skip ANY test due to problems with mac
    • ci: add action to release wheels to PyPi
    • ci: drop AppVeyor
    • ci: don't fail fast
    • ci: stop testing on Travis
    • test: add generic way to check for a CI
    • test: relax check
    • test: try to avoid spurious CI failures
    • ci: test all platforms on GH actions
    • ci: build wheels on GH Actions
    • build: fix build error on macOS
    • ci: explicitly set Python versions to build wheels for
    • ci: update cibuildwheel
    • ci: re-add IDNA test
    Commits
    • 7d62675 misc: update changelog
    • 5de6097 misc: set version to 4.2.0
    • faab689 tests: ignoring 2 tests due to dead servers
    • 8026e66 tests: updated google TXT records for an outdated test
    • f431164 deps: update bundled c-ares
    • b1b9834 misc: set version to 4.1.2
    • b6d517e build: add PYPIREADME.rst to manifest
    • f427967 misc: set version to 4.1.1
    • 70820fc misc: add PyPI README without images
    • a856b20 misc: update c-ares URL
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • wmdb soft_unicode missing

    wmdb soft_unicode missing

    soft_unicode is depreciated from the markupsafe toolkit and thus wmdb no longer works.

    The temporary fix for this issue is to install the older version of markupsafe, in pipx thats done with the following command: pipx inject witnessme --pip-args install markupsafe==2.0.1

    opened by Telekors 2
  • Task id 404 Not Found

    Task id 404 Not Found

    Hi, Why if i run in docker witnessme screenshot https://google.com i received task id : 5e685058-8916-4a13-8564-9e928efedbff but after running wmapi and i want to get results about recenlty received task id, i have error 404 Not Found, it's not same task id or?

    $ witnessme screenshot https://google.com
    [witnessme.screenshot] INFO - Starting scan 5e685058-8916-4a13-8564-9e928efedbff
    [witnessme.headlessbrowser] INFO - Starting headless browser
    [witnessme.headlessbrowser] INFO - Using 1 browser tab(s)/thread(s)
    [witnessme.screenshot] INFO - Took screenshot of https://google.com:443
    [witnessme.headlessbrowser] INFO - Killing headless browser
    [witnessme.screenshot] INFO - Saved scan to scan_2022_02_22_234054/
    $ ls
    scan_2022_02_22_234054 src
    $ cd scan_2022_02_22_234054
    $ ls
    https_google.com_443.png  witnessme.db
    $ wmapi 0.0.0.0 8000
    INFO:     Started server process [70]
    INFO:     Waiting for application startup.
    INFO:     Application startup complete.
    INFO:     Uvicorn running on http://0.0.0.0:8000 (Press CTRL+C to quit)
    INFO:     172.17.0.1:60650 - "GET /docs HTTP/1.1" 200 OK
    INFO:     172.17.0.1:60650 - "GET /openapi.json HTTP/1.1" 200 OK
    INFO:     172.17.0.1:60652 - "GET /screenshot/ HTTP/1.1" 200 OK
    INFO:     172.17.0.1:60654 - "GET /screenshot/5e685058-8916-4a13-8564-9e928efedbff/result HTTP/1.1" 404 Not Found
    
    opened by ghost 0
  • Unable to GET/screenshot/{scan_id}/result

    Unable to GET/screenshot/{scan_id}/result

    hi, i follow all steps to test API (http://127.0.0.1:8000/docs#/), but on step GET/screenshot/{scan_id}/result i have this error:

    INFO:     172.17.0.1:60500 - "GET /screenshot/ HTTP/1.1" 200 OK
    INFO:     172.17.0.1:60502 - "POST /screenshot/ HTTP/1.1" 200 OK
    INFO:     172.17.0.1:60504 - "GET /screenshot/3a2438f3-3c4c-4438-9ed7-44d5ae5c45f2 HTTP/1.1" 200 OK
    INFO:     172.17.0.1:60506 - "GET /screenshot/3a2438f3-3c4c-4438-9ed7-44d5ae5c45f2/start HTTP/1.1" 200 OK
    2022-02-22 18:57:01,848 [INFO] witnessme.screenshot - screenshot.py: start - Starting scan 3a2438f3-3c4c-4438-9ed7-44d5ae5c45f2
    2022-02-22 18:57:01,866 [DEBUG] witnessme.headlessbrowser - headlessbrowser.py: run - Waiting for queue to populate...
    2022-02-22 18:57:01,866 [DEBUG] witnessme.parsers - parsers.py: generate - Detected IP Address/Range/CIDR, hostname or URL as a target
    2022-02-22 18:57:01,866 [DEBUG] witnessme.parsers - parsers.py: generate - Detected IP Address/Range/CIDR, hostname or URL as a target
    2022-02-22 18:57:01,966 [INFO] witnessme.headlessbrowser - headlessbrowser.py: start_browser - Starting headless browser
    2022-02-22 18:57:02,052 [INFO] witnessme.headlessbrowser - headlessbrowser.py: start_browser - Using 2 browser tab(s)/thread(s)
    2022-02-22 18:57:04,913 [INFO] witnessme.screenshot - screenshot.py: add_to_database - Took screenshot of https://google.com:443
    2022-02-22 18:57:04,926 [DEBUG] witnessme.headlessbrowser - headlessbrowser.py: open_browser_tab - Navigated to https://google.com
    2022-02-22 18:57:05,983 [INFO] witnessme.screenshot - screenshot.py: add_to_database - Took screenshot of https://opera.com:443
    2022-02-22 18:57:05,998 [DEBUG] witnessme.headlessbrowser - headlessbrowser.py: open_browser_tab - Navigated to https://opera.com
    2022-02-22 18:57:06,003 [INFO] witnessme.headlessbrowser - headlessbrowser.py: start_browser - Killing headless browser
    2022-02-22 18:57:06,023 [INFO] witnessme.screenshot - screenshot.py: start - Saved scan to scan_2022_02_22_185619/
    2022-02-22 18:57:27,397 [INFO] witnessme.screenshot - screenshot.py: stop - Stopping scan 3a2438f3-3c4c-4438-9ed7-44d5ae5c45f2
    INFO:     172.17.0.1:60510 - "GET /screenshot/3a2438f3-3c4c-4438-9ed7-44d5ae5c45f2/stop HTTP/1.1" 200 OK
    INFO:     172.17.0.1:60512 - "GET /screenshot/3a2438f3-3c4c-4438-9ed7-44d5ae5c45f2/result HTTP/1.1" 500 Internal Server Error
    ERROR:    Exception in ASGI application
    Traceback (most recent call last):
      File "/home/appuser/.local/lib/python3.8/site-packages/uvicorn/protocols/http/httptools_impl.py", line 390, in run_asgi
        result = await app(self.scope, self.receive, self.send)
      File "/home/appuser/.local/lib/python3.8/site-packages/uvicorn/middleware/proxy_headers.py", line 45, in __call__
        return await self.app(scope, receive, send)
      File "/home/appuser/.local/lib/python3.8/site-packages/fastapi/applications.py", line 146, in __call__
        await super().__call__(scope, receive, send)
      File "/home/appuser/.local/lib/python3.8/site-packages/starlette/applications.py", line 102, in __call__
        await self.middleware_stack(scope, receive, send)
      File "/home/appuser/.local/lib/python3.8/site-packages/starlette/middleware/errors.py", line 181, in __call__
        raise exc from None
      File "/home/appuser/.local/lib/python3.8/site-packages/starlette/middleware/errors.py", line 159, in __call__
        await self.app(scope, receive, _send)
      File "/home/appuser/.local/lib/python3.8/site-packages/starlette/exceptions.py", line 82, in __call__
        raise exc from None
      File "/home/appuser/.local/lib/python3.8/site-packages/starlette/exceptions.py", line 71, in __call__
        await self.app(scope, receive, sender)
      File "/home/appuser/.local/lib/python3.8/site-packages/starlette/routing.py", line 550, in __call__
        await route.handle(scope, receive, send)
      File "/home/appuser/.local/lib/python3.8/site-packages/starlette/routing.py", line 227, in handle
        await self.app(scope, receive, send)
      File "/home/appuser/.local/lib/python3.8/site-packages/starlette/routing.py", line 41, in app
        response = await func(request)
      File "/home/appuser/.local/lib/python3.8/site-packages/fastapi/routing.py", line 196, in app
        raw_response = await run_endpoint_function(
      File "/home/appuser/.local/lib/python3.8/site-packages/fastapi/routing.py", line 148, in run_endpoint_function
        return await dependant.call(**values)
      File "/home/appuser/.local/lib/python3.8/site-packages/witnessme/api/routers/scan.py", line 59, in get_scan_result
        if not scan.stats.done:
    AttributeError: 'BrowserStats' object has no attribute 'done'
    
    
    opened by ghost 0
Owner
byt3bl33d3r
T H I C C M A L W A R E
byt3bl33d3r
The template for building scalable web APIs based on FastAPI, Tortoise ORM and other.

FastAPI and Tortoise ORM. Powerful but simple template for web APIs w/ FastAPI (as web framework) and Tortoise-ORM (for working via database without h

prostomarkeloff 95 Jan 8, 2023
api versioning for fastapi web applications

fastapi-versioning api versioning for fastapi web applications Installation pip install fastapi-versioning Examples from fastapi import FastAPI from f

Dean Way 472 Jan 2, 2023
更新 2.0 版本,使用 Python WEB 高性能异步框架 FastAPI 制作的抖音无水印解析下载,采用前后端分离思想!

前言 这个是 2.0 版本,使用现在流行的前后端分离思想重构。 体验网址:https://douyin.bigdataboy.cn 更新日志 2020.05.30:使用 FastAPI 前后端分离重构 2020.05.02:已更新,正常使用 2020.04.27:抖音结构更新,已修复视频有水印。(失

null 64 Nov 25, 2022
sample web application built with FastAPI + uvicorn

SPARKY Sample web application built with FastAPI & Python 3.8 shows simple Flask-like structure with a Bootstrap template index.html also has a backgr

mrx 21 Jan 3, 2022
a lightweight web framework based on fastapi

start-fastapi Version 2021, based on FastAPI, an easy-to-use web app developed upon Starlette Framework Version 2020 中文文档 Requirements python 3.6+ (fo

HiKari 71 Dec 30, 2022
Web Version of avatarify to democratize even further

Web-avatarify for image animations This is the code base for this website and its backend. This aims to bring technology closer to everyone, just by a

Carlos Andrés Álvarez Restrepo 66 Nov 9, 2022
Backend, modern REST API for obtaining match and odds data crawled from multiple sites. Using FastAPI, MongoDB as database, Motor as async MongoDB client, Scrapy as crawler and Docker.

Introduction Apiestas is a project composed of a backend powered by the awesome framework FastAPI and a crawler powered by Scrapy. This project has fo

Fran Lozano 54 Dec 13, 2022
Social Distancing Detector using deep learning and capable to run on edge AI devices such as NVIDIA Jetson, Google Coral, and more.

Smart Social Distancing Smart Social Distancing Introduction Getting Started Prerequisites Usage Processor Optional Parameters Configuring AWS credent

Neuralet 129 Dec 12, 2022
API & Webapp to answer questions about COVID-19. Using NLP (Question Answering) and trusted data sources.

This open source project serves two purposes. Collection and evaluation of a Question Answering dataset to improve existing QA/search methods - COVID-

deepset 329 Nov 10, 2022
Example app using FastAPI and JWT

FastAPI-Auth Example app using FastAPI and JWT virtualenv -p python3 venv source venv/bin/activate pip3 install -r requirements.txt mv config.yaml.exa

Sander 28 Oct 25, 2022
Backend Skeleton using FastAPI and Sqlalchemy ORM

Backend API Skeleton Based on @tiangolo's full stack postgres template, with some things added, some things removed, and some things changed. This is

David Montague 18 Oct 31, 2022
Deploy an inference API on AWS (EC2) using FastAPI Docker and Github Actions

Deploy an inference API on AWS (EC2) using FastAPI Docker and Github Actions To learn more about this project: medium blog post The goal of this proje

Ahmed BESBES 60 Dec 17, 2022
Example of using FastAPI and MongoDB database.

FastAPI Todo Application Example of using FastAPI and MangoDB database. ?? Prerequisites Python ⚙️ Build & Run The first thing to do is to clone the r

Bobynets Ivan 1 Oct 29, 2021
Monitor Python applications using Spring Boot Admin

Pyctuator Monitor Python web apps using Spring Boot Admin. Pyctuator supports Flask, FastAPI, aiohttp and Tornado. Django support is planned as well.

SolarEdge Technologies 145 Dec 28, 2022
A complete end-to-end machine learning portal that covers processes starting from model training to the model predicting results using FastAPI.

Machine Learning Portal Goal Application Workflow Process Design Live Project Goal A complete end-to-end machine learning portal that covers processes

Shreyas K 39 Nov 24, 2022
A Nepali Dictionary API made using FastAPI.

Nepali Dictionary API A Nepali dictionary api created using Fast API and inspired from https://github.com/nirooj56/Nepdict. You can say this is just t

Nishant Sapkota 4 Mar 18, 2022
First API using FastApi

First API using FastApi Made this Simple Api to store and Retrive Student Data of My College Ncc-Bim To View All the endpoits Visit /docs To Run Local

Sameer Joshi 2 Jun 21, 2022
Htmdf - html to pdf with support for variables using fastApi.

htmdf Converts html to pdf with support for variables using fastApi. Installation Clone this repository. git clone https://github.com/ShreehariVaasish

Shreehari 1 Jan 30, 2022
Minimal example utilizing fastapi and celery with RabbitMQ for task queue, Redis for celery backend and flower for monitoring the celery tasks.

FastAPI with Celery Minimal example utilizing FastAPI and Celery with RabbitMQ for task queue, Redis for Celery backend and flower for monitoring the

Grega Vrbančič 371 Jan 1, 2023