Search / Server / Site / Dork / Exploitation Scanner
| Alisam Technology is not responsible for any misuse, damage caused by this script or attacking targets without prior mutual consent! |
| Tool: |
ATSCAN version 9.7 |
| Codename: | Anon4t |
| AUTHOR: | Ali MEHDIOUI |
| GROUP: | Alisam Technology |
| FACE: | facebook.com/Forces.des.tempetes.marocaines |
| YOUTUBE: | youtube.com/c/AlisamTechnology |
| WITTER: | twitter.com/AlisamTechno |
| PLUS: | plus.google.com/+AlisamTechnology |
| Description: |
Search engine Google / Bing / Ask / Yandex / Sogou
Mass Dork Search
Multiple instant scans.
Mass Exploitation
Extern commands execution.
XSS scanner.
LFI / AFD scanner.
Filter wordpress and Joomla sites in the server.
Find Admin page.
Decode / Encode MD5 + Base64.
Ports scan.
Scan ips
Scan E-mails.
Use proxy.
Random user agent.
Random proxy.
Scan errors.
Detect Cms.
And more...
|
| Libreries to install: |
Perl Requiered.
Works in all platforms.
|
| Permissions: |
cd ATSCAN
chmod +x ATSCAN
|
| Installation: |
chmod +x ./install.sh
./install.sh |
| Execution: |
Direct Tool Execution: perl ./atscan.pl
Installed Tool Execution: atscan
|
| Screenshots: |
|
| Help: |
| --proxy |
Set tor proxy [Ex: socks://localhost:9050].
Set proxy [Ex: http://12.231.54.87:8080 | list.txt]. |
| --random |
Renew identity foreach link scanned. |
| --dork |
dork to search [Ex: house,cars,hotel] |
| --level |
Scan level (+- Number of page results to scan) |
| -m |
Set engine motor [Bing = 1][Google = 2][Ask = 3][Yandex = 4][Sogou = 5][All = all] |
| -t |
Target [http://site.com] |
| -p |
Set test parameter EX:id,cat,product_ID |
| --time |
Set browser time out. |
| --xss |
Xss scan |
| --joomrfi |
joomla local file inclusion scan |
| --TARGET |
Will be replaced by target in extern commands |
| --dom |
Domaine |
| --exp |
Set exploit/payload |
| --valid |
Text to validate results |
| --unique |
Get urls with exact dork matching |
| --regex |
Crawl to get strings matching regex |
| --sregex |
Get only urls with matching regex |
| --noquery |
Remove Query string from url. [lives url like: site.com/index.php?id=] |
| --ip |
Scan targets for ips. |
| --pause |
Pause scan when first result found. |
| --ifinurl |
Text to validate target url |
| --lfi |
local file inclusion |
| --joomrfi |
get joomla sites with rfi |
| --shell |
shell link [Ex: http://www.site.com/shell.txt] |
| --wpafd |
get wordpress sites with arbitery file download |
| --admin |
get site admin page |
| --shost |
get site subdomains |
| --ports |
scan server ports |
| --port |
port |
| --udp |
UDP port |
| --tcp |
TCP port |
| --sites |
sites in the server |
| --wp |
get wordpress sites |
| --joom |
Getjoomla sites |
| --upload |
get sites with upload files |
| --zip |
get sites with zip files |
| --save |
Save scan results. |
| --md5 |
convert to md5 |
| --encode64 |
encode base64 string |
| --decode64 |
decode base64 string |
| --isup |
check http status 200 |
| --email |
Extract e-mails |
| --command |
External Command |
| --replace |
string to replace |
| --with |
string to replace with |
| --nobanner |
Hide tool banner |
| --noinfo |
Jump extra results info. |
| --options |
Show scan configuration. |
| --save |
Set file to save results. |
| --beep |
Produce beep sound if positive scan found |
| --ifend |
Produce beep sound when scan process is finished. |
| --help | -h | -? |
Help. |
| --update |
Update. |
|
| Examples: |
Proxy:
Tor: --proxy [proxy] [Ex: --proxy socks://localhost:9050].
Proxy: Proxy: --proxy [proxy] [Ex: http://12.32.1.5:8080] or --proxy [list.txt] [Ex: --proxy /root/Desktop/Documents/my_proxies.txt]
Random --proxy [proxy] --random
|
Simple search:
Search: atscan --dork [dork] --level [level]
Set engines + search: atscan --dork [dork] --level [level] -m 1,2,.. [Engines: Bing: 1 Google: 2 Ask: 3 Yandex: 4 Sogou: 5 All engines: all]
Set selective engines: atscan --dork [dork] --level [level] -m 1,2,3..
Search with many dorks: atscan --dork [dork1,dork2,dork3] --level [level]
Get Server sites: atscan -t [ip] --level [value] --sites
Get Server wordpress sites: atscan -t [ip] --level [value] --wp
Get Server joomla sites: atscan -t [ip] --level [value] --joom
Get Server upload sites: atscan -t [ip] --level [value] --upload
Get Server zip sites files: atscan -t [ip] --level [value] --zip
WP Arbitry File Download: atscan -t [ip] --level [value] --wpafd
Joomla RFI: atscan -t [ip] --level [10] --joomfri --shell [shell link]
Search + set save file: atscan --dork [dorks.txt] --level [level] --save
Replace + Exploit: atscan --dork [dorks.txt] --level [level] --replace [string] --with [string] --valid [string]
Search + get emails: atscan --dork [dorks.txt] --level [level] --email
Search + get site emails: atscan --dork [site:site.com] --level [level] --email
Search + get ips: atscan --dork [dork] --level [level] --ip
Search by url regex: atscan --dork [dork] --level [level] --sregex [regex]
|
Regular Expressions Scan:
Regex use: atscan [--dork dork | -t target] --level [level] --regex [regex]
EX: To get ips from an url content ((\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3}))
EX: To get mails ((([A-Za-z0-9]+_+)|([A-Za-z0-9]+\-+)|([A-Za-z0-9]+\.+)|([A-Za-z0-9]+\++))*[A-Za-z0-9]+@((\w+\-+)|(\w+\.))*\w{1,63}\.[a-zA-Z]{2,6}).
|
Subscan from Serach Engine:
Exploitation: atscan --dork [dork] --level [10] [--xss | --lfi | --wp |...]
Server Exploitation: atscan -t [ip] --level [10] [--xss | --lfi | --wp |...]
Replace + Exploit: atscan --dork [dork] --level [10] --replace [string] --with [string] --exp [exploit] [--valid [string] --xss ..]
|
Validation:
Search + Url Validation: atscan --dork [dork] --level [10] --ifinurl [string]
Search + dork Validation: atscan --dork [dork] --level [10] --unique
Search + Exploit + Validation: atscan --dork [dork] --level [10] --exp [--isup | --valid] [string]
Search + Server Exploit + Validation: atscan -t [ip] --level [10] --exp [--isup | --valid] [string]
Replace + exploit or validate urls: atscan --dork [dork] --level [10] --replace [string] --with [string] [--isup | --valid [string]
|
Use List / Target:
atscan -t [target | targets.txt] --exp [--isup | --valid] [string]
atscan -t [target | targets.txt] [--xss | --lfi | --wp |...]
|
Server Ports:
Scan a server ports for open and close udp or tcp ports: atscan -t [Ex: 12.21.22.133] --ports [--udp | --tcp] --port [8080]
atscan -t (ip start)-(ip end) --ports [--udp | --tcp] --port [port]
atscan -t [ip] --ports [--udp | --tcp] --port [port start]-[port end]
|
Encode / Decode:
Generate MD5: atscan --md5 [string]
Encode base64: atscan --encode64 [string]
Decode base64: atscan --decode64 [string]
|
External Command:
atscan --dork [dork | dorks.txt] --level [level] --exp [payload] --valid [string] --command "sqlmap -u --TARGET --dbs"
atscan -t [target | targets.txt] --command "curl -v --TARGET"
|
Multiple Scans:
atscan --dork [dork] --level [level] --xss --lfi --wp ..
atscan --dork [dork] --level [level] --replace [string] --with [string] --exp [exploit] [--xss | --lfi | --wp | --admin | --shost | ...]
atscan -t [ip] --level [10] [--xss | --lfi | --wp |...]
atscan -t [targets] [--xss | --lfi | --wp |...]
|
Check Tool and Update:
atscan --update
|
|
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent