Skip to content

0xJBsec/RedTrace

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

RedTrace v3.0 — Web Vulnerability Scanner

Professional-grade web vulnerability scanner with async engine, CVE/NVD lookup, and WAF evasion. Built by 0xJBsec.

Features

  • Async crawler (aiohttp + TCPConnector pool)
  • SQL Injection: error-based, boolean-blind, time-based
  • XSS: reflected detection with context awareness
  • Command Injection: output-based + time-based
  • Directory Traversal: Unix + Windows + encoded
  • Open Redirect: 30+ parameter names tested
  • Security Header audit + CSP quality check
  • Directory fuzzing: 160+ path wordlist
  • CVE lookup: NVD API v2 + CIRCL + ExploitDB
  • WAF detection + 5-technique evasion engine
  • JSON + human-readable reports

Install

```bash git clone https://github.com/0xJBsec/RedTrace.git cd RedTrace pip3 install -r requirements.txt chmod +x install.sh && ./install.sh ```

Usage

```bash redtrace http://target.com redtrace http://target.com --cve-lookup redtrace http://target.com --checks sqli xss --intensity high redtrace http://target.com --cookie "session=abc123" redtrace http://target.com -o report.json ```

Legal

For authorised security research, CTFs, and penetration testing only.

About

Professional web vulnerability scanner — SQLi, XSS, CMDi, CVE/NVD lookup

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors