- Basic Info: Quick site information (Load Time, IP Address, Server OS...).
- Robots.txt Disallow Entries: Detection of Robots.txt and printing Disallow Entries.
- CMS Detection & Vulnerability Report: Automatically identifies the CMS and generates a vulnerability report.
- Admin Panel Auth Detection: Searches for common login page variations based on the detected CMS.
- Directory Scanning: Searches for valid directories under the specified URL.
- Security Headers Check: Checks for the presence of important security headers.
- SSL Certificate Validation: Validates the SSL/TLS certificate for the domain, displaying issuer information, expiration date, and days until expiry.
- Open Ports Scan: Scans open ports on the server.
- Subdomain Scanning: Scans for subdomains of the specified URL.
- SQL Injection Detection: Tests for SQL injection vulnerabilities in query parameters.
- XSS Detection: Tests for cross-site scripting vulnerabilities.
- User-Friendly Interface: Interactive and detailed shell menu.
- Multi-Threaded: Efficiently performs tasks in the background using threading.
- Python 3.x.x
- Required Python packages:
requests,beautifulsoup4
- Clone the repository:
https://github.com/AtOM18/web-vulnerability-scanner.git - Navigate to the project directory:
cd Site-Scanner - Requirements Installation:
pip install -r requirements.txt
- Run the tool:
python3 Site-Scanner.py/ Proxychainsproxychains python3 Site-Scanner.py - Enter the URL of the website you wish to analyze.
- Choose tasks according to the menu.
Found a bug or want to contribute? Great! Please submit an issue or pull request.