/Squirt

Primary LanguagePythonMIT LicenseMIT

Squirt

Squirt is an offensive information and vulnerability scanner.

Features

Just supply a domain name to Squirt and it will automatically do the following for you:

  • Check and Bypass Cloudflare
  • Retrieve Server and Powered by Headers
  • Fingerprint the operating system of Web Server
  • Detect CMS (197+ CMSs are supported)
  • Launch WPScan if target is using Wordpress
  • Retrieve robots.txt
  • Whois lookup
  • Check if the target is a honeypot
  • Port Scan with banner grabbing
  • Dumps all kind of DNS records
  • Generate a map for visualizing the attack surface
  • Gather Emails related to the target
  • Find websites hosted on the same web server
  • Find hosts using google
  • Crawl the website for URLs having parameters
  • SQLi scan using online implemention of SQLMap (takes < 3 min.)
  • Basic XSS scanning

Install

git clone https://github.com/CybernetiX-S3C/Squirt
cd Squirt
pip install -r requirements.txt
python Squirt.py

Screenshots

Want to see what else it can do? Try it yourself.

Contribute

If you want to contribute to this project, report any bugs you encounter and help me add more features to it.