The scant3r from blackstarkk

ScanT3r - Web Security Scanner


	   _____                ___________     
	  / ___/_________ _____/_  __/__  /_____
	  \__ \/ ___/ __ `/ __ \/ /   /_ </ ___/
	 ___/ / /__/ /_/ / / / / /  ___/ / /    
	/____/\___/\__,_/_/ /_/_/  /____/_/
	
	# Coded By : Khaled Nassar @knassar702

Detect This vulnerabilities
- Remote Code Execution
  - Linux
- XSS Reflected
- Template Injection
  - Jinja2
  - ERB
  - Java
  - Twig
  - Freemarker
- SQl Injection

Screen Shot :

Nokia Website:

GIF

OS Support :

Linux
Android
Windows

Install

Note: ScanT3r doesn't work with python < 3.6

Linux

open your terminal

enter this command

$ git clone https://github.com/knassar702/scant3r 
$ cd scant3r 
$ python3 -m pip install -r requirements.txt
$ chmod +x scant3r

Andoird

Download Termux App
open termux app
enter this command

 $ pkg install python -y 
 $ pkg install git -y 
 $ git clone https://github.com/knassar702/scant3r
 $ cd scant3r 
 $ python3 -m pip install -r requirements.txt
 $ chmod +x scant3r

Windows

Download python3 and install it
open your cmd
enter this command

$ python3 -m pip install -r requirements.txt

Usage :

Options:
  -h, --help          |    Show help message and exit
  --version           |    Show program's version number and exit
  -u URL, --url=URL   |    Target URL (e.g."http://www.target.com/vuln.php?id=1")
  --data=DATA         |    Data string to be sent through POST (e.g. "id=1")
  --list=FILE         |    Get All Urls from List
  --threads           |    Max number of concurrent HTTP(s) requests (default 10)
  --timeout           |    Seconds to wait before timeout connection
  --proxy             |    Start The Connection with http(s) proxy
  --cookies           |    HTTP Cookie header value (e.g. "PHPSESSID=a8d127e..")
  --encode            |    How Many encode the payload (default 1)
  --allow-redirect    |    Allow the main redirect
  --user-agent        |    add custom user-agent
  --scan-headers      |    Try to inject payloads in headers not parameters (user-agent,referrer)
  --skip-headers      |    Skip The Headers scanning processe
  --sleep             |    Sent one request after some Seconds
  --module            |    add custom module (e.g. "google.py")
  --debug             |    Debugging Mood

Example :

post method
$ python3 scant3r -u 'http://localhost/dvwa/vulnerabilities/exec/' --data='ip=localhost&Submit=Submit'
add cookies
$ python3 scant3r -u 'http://localhost/?l=2' --cookies='user=admin&id=1'
add timeout
$ python3 scant3r -u 'http://localhost/?l=13' --timeout=1
allow redirects (302,301)
$ python3 scant3r -u 'http://localhost/?l=13' --allow-redirect
sleeping
$ python3 scant3r -u 'http://localhost/?l=13' --sleep=2
debugging mood
$ python3 scant3r -u 'http://localhost/?l=13' --debug
scanning all headers
$ python3 scant3r -u 'http://localhost/?l=13' --scan-headers
skip headers
$ python3 scant3r -u 'http://localhost/?l=13' --skip-headers
add custom user-agent
$ python3 scant3r -u 'http://localhost/?l=13' --user-agent='CustomUseragent(v2)'
add encoding
$ python3 scant3r -u 'http://localhost/?l=13' --encode=2
add proxy
$ python3 scant3r -u 'http://localhost/?l=13' --proxy='http://localhost:8080'
run your own module
$ python3 scant3r -u 'http://localhost/?l=13' --module=dumper.py
add urls list
$ python3 scant3r --list urls.txt --threads=40

For Testing :

$ ./scant3r -u 'http://test.vulnweb.com/search.php?test=query' --data='searchFor=scant3r&goButton=go'
$ ./scant3r -u 'http://test.vulnweb.com/artists.php?artist=1'
$ ./scant3r -u 'https://menacoderrr.pythonanywhere.com/'

blackstarkk / scant3r Goto Github PK

scant3r's Introduction

ScanT3r - Web Security Scanner

Detect This vulnerabilities

Remote Code Execution

XSS Reflected

Template Injection

SQl Injection

Screen Shot :

Nokia Website:

GIF

OS Support :

Linux

Android

Windows

Install

Andoird

Windows

Usage :

Example :

For Testing :

scant3r's People

Contributors

Recommend Projects

Recommend Topics

Recommend Org