This Python-based vulnerability scanner is designed to detect and assess security vulnerabilities in web applications, networks, and APIs. It combines checks for issues such as SQL injection and Cross-Site Scripting (XSS) with open port scanning, all in one easy-to-use script.
- SQL Injection Detection
- Cross-Site Scripting (XSS) Detection
- Open Port Scanning with Multithreading
- SSL/TLS Vulnerability Checks
- Brute Force Login Testing
- Directory Scanning with Customizable Wordlist
- API Fuzzing Techniques
- Detailed Logging and Reporting
- Set Up: Ensure you have Python installed on your machine. Create a wordlist file (`common_dirs.txt`) in the same directory with a list of common directories you want to check (e.g., `admin`, `config.php`).
- Run the Scanner: Execute the script in the terminal or command prompt. Input the target URL or IP address when prompted.
Ensure you have explicit permission to scan the target system. Unauthorized scanning is illegal and unethical. Ideally, test against controlled environments, such as intentionally vulnerable applications like OWASP Juice Shop or local setups.
This project is licensed under the MIT License - see the LICENSE file for details.
Special thanks to the open-source community for providing valuable libraries and resources that made this project possible.