Scant3R – Web Security Scanner

Coded by: Khaled Nassar (@knassar702)
  • Detects these vulnerabilities
    • Remote Code Execution
      • Linux
    • XSS Reflected
    • Template Injection
      • Jinja2
      • ERB
      • Java
      • Twig
      • Freemarker
    • SQL Injection

OS Support :

  • Linux
  • Android
  • Windows

Install

Linux

  • open your terminal
  • enter these commands
    $ git clone https://github.com/knassar702/scant3r
    $ cd scant3r
    $ python3 -m pip install -r requirements.txt

Android

  • Download the Termux app
  • open the Termux app
  • enter these commands
    $ pkg install python -y
    $ pkg install git -y
    $ git clone https://github.com/knassar702/scant3r
    $ cd scant3r
    $ python3 -m pip install -r requirements.txt

Windows

  • Download python3 and install it
  • open your cmd
  • enter this command
    $ python3 -m pip install -r requirements.txt

Usage :

Options:
-h, --help | Show help message and exit
--version | Show program's version number and exit
-u URL, --url=URL | Target URL (e.g. "http://www.target.com/vuln.php?id=1")
--data=DATA | Data string to be sent through POST (e.g. "id=1")
--list=FILE | Read all URLs from a list file
--threads | Max number of concurrent HTTP(s) requests (default 10)
--timeout | Seconds to wait before the connection times out
--proxy | Send the connection through an HTTP(S) proxy
--cookies | HTTP Cookie header value (e.g. "PHPSESSID=a8d127e..")
--encode | Number of times to encode the payload (default 1)
--allow-redirect | Allow the main redirect
--user-agent | Add a custom User-Agent
--scan-headers | Try to inject payloads into headers rather than parameters (user-agent, referrer)
--skip-headers | Skip the header scanning process
--sleep | Send one request after a number of seconds
--module | Add a custom module (e.g. "google.py")
--debug | Debugging mode

Example :

  • post method
    $ python3 scant3r -u 'http://localhost/dvwa/vulnerabilities/exec/' --data='ip=localhost&Submit=Submit'
  • add cookies
    $ python3 scant3r -u 'http://localhost/?l=2' --cookies='user=admin&id=1'
  • add timeout
    $ python3 scant3r -u 'http://localhost/?l=13' --timeout=1
  • allow redirects (302,301)
    $ python3 scant3r -u 'http://localhost/?l=13' --allow-redirect
  • sleeping
    $ python3 scant3r -u 'http://localhost/?l=13' --sleep=2
  • debugging mode
    $ python3 scant3r -u 'http://localhost/?l=13' --debug
  • scanning all headers
    $ python3 scant3r -u 'http://localhost/?l=13' --scan-headers
  • skip headers
    $ python3 scant3r -u 'http://localhost/?l=13' --skip-headers
  • add custom user-agent
    $ python3 scant3r -u 'http://localhost/?l=13' --user-agent='CustomUseragent(v2)'
  • add encoding
    $ python3 scant3r -u 'http://localhost/?l=13' --encode=2
  • add proxy
    $ python3 scant3r -u 'http://localhost/?l=13' --proxy='http://localhost:8080'
  • run your own module
    $ python3 scant3r -u 'http://localhost/?l=13' --module=dumper.py
  • add urls list
    $ python3 scant3r --list urls.txt --threads=40