Web Scanner is a simple web application developed to scan for various security vulnerabilities. The application provides basic functionality to check for XSS, SQL Injection, and CSRF vulnerabilities.
- XSS Scanning: Scans the URL using various XSS payloads.
- SQL Injection Scanning: Scans the URL using common SQL Injection payloads.
- CSRF Scanning: Checks whether CSRF protection is present.
Follow the steps below to run the project on your local machine.
Prerequisites:
- Python 3.x
- Flask
- Flask-SQLAlchemy
- Python Requests Library
Installation:
- Clone this repository:

      git clone https://github.com/zgr0/web-scanner.git
      cd web-scanner

- Create and activate a virtual environment:

      python -m venv venv
      source venv/bin/activate  # For Windows: venv\Scripts\activate

- Install the required libraries:

      pip install -r requirements.txt

- Create the database and start the application:

      python app.py

- Open your browser and navigate to http://127.0.0.1:5000.

Usage:
- Open your web browser and navigate to http://127.0.0.1:5000.
- Enter the URL you want to scan.
- Click the button for the vulnerability you want to scan for (XSS, SQL Injection, or CSRF).
- The results will be displayed on the screen.
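
To make concrete what a "CSRF protection is present" check can look at, the following added example (not code from this repository) inspects a page's HTML and reports state-changing forms that carry no hidden anti-CSRF token field. The field-name hints, the function name `forms_missing_csrf_token` and the sample HTML are assumptions made for illustration.

```python
from html.parser import HTMLParser

# Assumed naming heuristic: substrings commonly used for anti-CSRF fields.
TOKEN_HINTS = ("csrf", "xsrf", "authenticity_token", "requestverificationtoken")
SAFE_METHODS = {"get", "head"}  # forms using these should not change state

class FormAudit(HTMLParser):
    """Collect every <form> and note whether it carries a hidden token field."""
    def __init__(self):
        super().__init__()
        self.forms = []      # one dict per form, in document order
        self._open = None    # form currently being parsed, if any

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self._open = {"action": a.get("action", ""),
                          "method": a.get("method", "get").strip().lower() or "get",
                          "token_field": None}
            self.forms.append(self._open)
        elif tag == "input" and self._open is not None:
            name = a.get("name", "").lower()
            hidden = a.get("type", "").lower() == "hidden"
            # An empty value is treated as no token at all.
            if hidden and a.get("value") and any(h in name for h in TOKEN_HINTS):
                self._open["token_field"] = a["name"]

    def handle_endtag(self, tag):
        if tag == "form":
            self._open = None

def forms_missing_csrf_token(html):
    """Return actions of state-changing forms with no recognisable token field."""
    audit = FormAudit()
    audit.feed(html)
    return [f["action"] for f in audit.forms
            if f["method"] not in SAFE_METHODS and f["token_field"] is None]

# Constructed sample page, not output from the project.
SAMPLE_HTML = """
<form action="/search" method="get"><input name="q"></form>
<form action="/profile" method="POST"><input type="hidden" name="csrf_token" value="b1946ac9"></form>
<form action="/delete" method="post"><input type="hidden" name="id" value="7"></form>
<form action="/transfer" method="post"><input type="hidden" name="_csrf" value=""></form>
"""

if __name__ == "__main__":
    for action in forms_missing_csrf_token(SAMPLE_HTML):
        print("no CSRF token field found in form:", action)
```

A form-field check like this only sees tokens embedded in the HTML: applications that rely on SameSite cookies or on tokens sent in a custom request header will be reported even though they are protected, so treat a finding as a prompt for manual review.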