Scant3R - Web Security Scanner
ScanT3r - Web Security Scanner
_____ ___________
/ ___/_________ _____/_ __/__ /_____
\__ \/ ___/ __ `/ __ \/ / /_ </ ___/
___/ / /__/ /_/ / / / / / ___/ / /
/____/\___/\__,_/_/ /_/_/ /____/_/
# Coded By : Khaled Nassar @knassar702
- Detect This vulnerabilities
- Remote Code Execution
- Linux
- XSS Reflected
- Template Injection
- Jinja2
- ERB
- Java
- Twig
- Freemarker
- SQl Injection
- Remote Code Execution
ScreenShot:
GIF
OS Support :
- Linux
- Android
- Windows
Install
Linux
- open your terminal
- enter this command
$ git clone https://github.com/knassar702/scant3r $ cd scant3r $ python3 -m pip install -r requirements.txt
Android
- Download Termux App
- open termux app
- enter this command
$ pkg install python -y
$ pkg install git -y
$ git clone https://github.com/knassar702/scant3r
$ cd scant3r
$ python3 -m pip install -r requirements.txt
Windows
- Download python3 and install it
- open your cmd
- enter this command
$ python3 -m pip install -r requirements.txt
Usage :
Options:
-h, --help | Show help message and exit
--version | Show program's version number and exit
-u URL, --url=URL | Target URL (e.g."http://www.target.com/vuln.php?id=1")
--data=DATA | Data string to be sent through POST (e.g. "id=1")
--list=FILE | Get All Urls from List
--threads | Max number of concurrent HTTP(s) requests (default 10)
--timeout | Seconds to wait before timeout connection
--proxy | Start The Connection with http(s) proxy
--cookies | HTTP Cookie header value (e.g. "PHPSESSID=a8d127e..")
--encode | How Many encode the payload (default 1)
--allow-redirect | Allow the main redirect
--user-agent | add custom user-agent
--scan-headers | Try to injec t payloads in headers not parameters (user-agent,referrer)
--skip-headers | Skip The Headers scanning processe
--sleep | Sent one request after some Seconds
--module | add custom module (e.g. "google.py")
--debug | Debugging Mood
Example :
- post method
$ python3 scant3r -u 'http://localhost/dvwa/vulnerabilities/exec/' --data='ip=localhost&Submit=Submit'
- add cookies
$ python3 scant3r -u 'http://localhost/?l=2' --cookies='user=admin&id=1'
- add timeout
$ python3 scant3r -u 'http://localhost/?l=13' --timeout=1
- allow redirects (302,301)
$ python3 scant3r -u 'http://localhost/?l=13' --allow-redirect
- sleeping
$ python3 scant3r -u 'http://localhost/?l=13' --sleep=2
- debugging mood
$ python3 scant3r -u 'http://localhost/?l=13' --debug
- scanning all headers
$ python3 scant3r -u 'http://localhost/?l=13' --scan-headers
- skip headers
$ python3 scant3r -u 'http://localhost/?l=13' --skip-headers
- add custom user-agent
$ python3 scant3r -u 'http://localhost/?l=13' --user-agent='CustomUseragent(v2)'
- add encoding
$ python3 scant3r -u 'http://localhost/?l=13' --encode=2
- add proxy
$ python3 scant3r -u 'http://localhost/?l=13' --proxy='http://localhost:8080'
- run your own module
$ python3 scant3r -u 'http://localhost/?l=13' --module=dumper.py
- add urls list
$ python3 scant3r --list urls.txt --threads=40
Scant3R - Web Security Scanner
Reviewed by Zion3R
on
5:30 PM
Rating: