VulnFinder is Python command-line tool that'll save ye time and effort by automatin' the process of detecting the technologies and versions used on a website using Wappalyzer. But that be not all, VulnFinder is also checkin' the infamous Exploit-DB for any known vulnerabilities associated with the detected technologies.
With VulnFinder in yer arsenal, you won't have to waste time manually checking for CVE's and corresponding proof-of-concepts. It'll do all the heavy liftin' for you, allowing you to focus on more important things!
There are few steps to prepare VulnFinder.
-
Install Wappalyzer dependencies: Git, Node.js 14+, Yarn.
-
Clone VulnFinder repository:
git clone https://github.com/Hacking-Notes/VulnFinder
- Prepare Wappalyzer:
cd VulnFinder/api/wappalyzer
yarn install
yarn run link
- Install dependencies:
cd ../../
pip3 install -r requrements.txt
python3 VulnFinder.py [arguments] <url/host>
We want to give a big shoutout to the original code creator for laying the foundation!
- SpiritOfSea ---> Original Creator
The tool provided on this GitHub page is intended for educational and research purposes only. The creators and maintainers of this tool are not responsible for any misuse or illegal use of the tool. It is the responsibility of the users to ensure that they comply with all applicable laws and regulations while using the tool.