GithubHelp home page GithubHelp logo

skysnotes / scant3r Goto Github PK

View Code? Open in Web Editor NEW

This project forked from knassar702/scant3r

0.0 0.0 0.0 28.36 MB

ScanT3r - Module based Bug Bounty Automation Tool

Home Page: https://scant3r.knas.me/

License: GNU General Public License v3.0

Python 99.81% Dockerfile 0.19%

scant3r's Introduction



ScanT3r

Save your scripting time


โš ๏ธ This project is no longer supported

You should use the Lotus project (https://github.com/rusty-sec/lotus/) instead of scant3r, since scant3r had been developed with many errors that will take more time to fix and scant3r is very slow compared to Lotus.

What's this?

this is a module-based web automation tool that I made for saving my scripting time by providing some utilizes that every web pentester needs in his automation script instead of focusing on ( logger, parsers, output function, cmd args, multi-threading), just write the logic of your scanning idea with scant3r utils without caring about these things, you can find callback/parsing/logging utils and output functions, Also we will add Restful API soon
what if you need to add a new Command option to scant3r for your script?
easy without writing any code just open the `conf/opts.YAML file and you will find all options of scant3r so you can change and add what you want;D

why should I use it ?

the short answer is to save your time, as a security guy you don't need to learn more about " how to write a perfect CLI script " you just need to understand the logic of your script
if you need to write something like SSRF CVE scanner, instead of searching "How can I call interact.sh", "how to fix this code issue", "how can I parse this'
and after getting the answer you will get some cool errors in your code and you will find yourself needing more time to search and fix these bugs

this is a waste of time for you, so this project will help to save more and more, just take a look at the examples modules and read the official documentation (unavailable yet), or just open an issue with a Feature request and we will write your script with our hands

Modules

this the modules we providing for our community for you need new module open an issue with Feature request template

module Short description
xss xss scanner for the ( ATTR_NAME, ATTR_VALUE , Comments, TAG_NAME )
req_callback Finds Out-of-band Resources parameters
ssti Finds Server-side Template injection
firebase checks for public firebase databases (write/read) permission

Official documentation: https://scant3r.knas.me

Requirements

  • python >= 3.10
  • pip
  • Git

install

  • Unix & MS-DOS
$ pip3 install git+https://github.com/knassar702/scant3r
$ scant3r --help
usage: scant3r [-h] [-e EXIT_AFTER] [-ct CALLBACK_TIME] [-c] [-o OUTPUT_FILE]
               [-H HEADERS] [-C COOKIES] [-v LOG_MODE] [-s DELAY] [-M METHODS]
               [-m MODULES] [-O] [-P LORSRF_PARAMETERS] [-l TARGETLIST] [-g] [-j]
               [-p PROXY] [-r] [-b BLINDXSS] [-x HOST] [-R] [-w THREADS]
               [-t TIMEOUT]

options:
  -h, --help            show this help message and exit
  -e EXIT_AFTER, --exit-after EXIT_AFTER
                        Exit after get this number of errors
  -ct CALLBACK_TIME, --callback-time CALLBACK_TIME
                        Callback timeout
  -c, --convert-body    Change the url parameters into request body ( in non-GET methods )
  -o OUTPUT_FILE, --output OUTPUT_FILE
                        The output json file location
  -H HEADERS, --header HEADERS
                        add custom header (ex:-H='Cookie: test=1; PHPSESSID=test')
  -C COOKIES, --cookie COOKIES
                        add cookie to the header (ex: 'cookie1=1; cookie2=2')
  -v LOG_MODE, --logger-mode LOG_MODE
                        change debug messages mode (1: info 2: debug 3: warning 4: error)
  -s DELAY, --sleep DELAY
                        number of seconds to hold between each HTTP(S) requests.
  -M METHODS, --method METHODS
                        Methods Allowed on your target
  -m MODULES, --module MODULES
                        run scant3r module (ex: -m=example)
  -O, --more-scan       scanning with the current module with import another modules (eg: lorsrf xss/ssti scanner)
  -P LORSRF_PARAMETERS, --lorsrf-parameters LORSRF_PARAMETERS
                        how many parameters in one request for lorsrf module
  -l TARGETLIST, --list TARGETLIST
                        add targets list
  -g, --add-parameters  Generate Famouse Parameters if your url dosen't have parameters
  -j, --json            JSON Request Body
  -p PROXY, --proxy PROXY
                        Forward all requests to proxy
  -r, --follow-redirects
                        Follow redirects
  -b BLINDXSS, --blind-host BLINDXSS
                        add your xsshunter host (or any xss host)
  -x HOST, --host HOST  add your host (burpcall,etc..)
  -R, --random-agents   use random user agent
  -w THREADS, --workers THREADS
                        Number of workers (default: 50)
  -t TIMEOUT, --timeout TIMEOUT
                        set connection timeout (default: 10)

for Questions/suggestions/Bugs : https://github.com/knassar702/scant3r/issues
wiki: https://github.com/knassar702/scant3r/wiki

Start

$ echo "http://testphp.vulnweb.com/listproducts.php?cat=1" | scant3r -m all

TODO-Features

  • Restful API
  • re-write the core utils in Rust by using pyo3
  • Command line Modules ( with yaml file )
  • Custom scanning map
  • Selenium Modules

Acknowledgments

cont

Join us

License

Stars Rate

stars

Media

some demo gifs from the old versions

  • LorSrf

Version: 0.6

Nokia https://www.nokia.com/responsible-disclosure/

IBM https://hackerone.com/ibm

scant3r's People

Contributors

0xflotus avatar cclauss avatar github-actions[bot] avatar knassar702 avatar mariusvinaschi avatar oppsec avatar pdelteil avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.