XssScanT3r - Web Security Scanner

     __  __           ____                      _    _____       
     \ \/ / ___  ___ / ___|   ___  __ _  _ __  | |_ |___ /  _ __ 
      \  / / __|/ __|\___ \  / __|/ _` || '_ \ | __|  |_ \ | '__|
      /  \ \__ \\__ \ ___) || (__| (_| || | | || |_  ___) || |   
     /_/\_\|___/|___/|____/  \___|\__,_||_| |_| \__||____/ |_|   

	# Coded By : ./DesTroTN

• Detect This vulnerabilities

  • Remote Code Execution

    • Linux

  • XSS Reflected

  • Template Injection

    • Jinja2
    • ERB
    • Java
    • Twig
    • Freemarker

  • SQl Injection

Screen Shoot :

• Random Website:

  • 
  • 

OS Support :

• Linux

• Android

• Windows

Install

Note: XssScanT3r doesn't work with python < 3.6

Linux

• open your terminal
• enter this command

  $ git clone https://github.com/DesTroTN/XssScant3r 
  $ cd xssscant3r
  $ python3 -m pip install -r requirements.txt
  $ chmod +x xssscant3r
  

Andoird

• Download Termux App
• open termux app
• enter this command

 $ pkg install python -y 
 $ pkg install git -y 
 $ git clone https://github.com/DesTroTN/XssScant3r
 $ cd xssscant3r 
 $ python3 -m pip install -r requirements.txt
 $ chmod +x xssscant3r

Windows

• Download python3 and install it
• open your cmd
• enter this command

$ python3 -m pip install -r requirements.txt

Usage :

Options:
  -h, --help          |    Show help message and exit
  --version           |    Show program's version number and exit
  -u URL, --url=URL   |    Target URL (e.g."http://www.target.com/vuln.php?id=1")
  --data=DATA         |    Data string to be sent through POST (e.g. "id=1")
  --list=FILE         |    Get All Urls from List
  --threads           |    Max number of concurrent HTTP(s) requests (default 10)
  --timeout           |    Seconds to wait before timeout connection
  --proxy             |    Start The Connection with http(s) proxy
  --cookies           |    HTTP Cookie header value (e.g. "PHPSESSID=a8d127e..")
  --encode            |    How Many encode the payload (default 1)
  --allow-redirect    |    Allow the main redirect
  --user-agent        |    add custom user-agent
  --scan-headers      |    Try to inject payloads in headers not parameters (user-agent,referrer)
  --skip-headers      |    Skip The Headers scanning processe
  --sleep             |    Sent one request after some Seconds
  --module            |    add custom module (e.g. "google.py")
  --debug             |    Debugging Mood

Example :

• post method
  $ python3 scant3r -u 'http://localhost/dvwa/vulnerabilities/exec/' --data='ip=localhost&Submit=Submit'
• add cookies
  $ python3 scant3r -u 'http://localhost/?l=2' --cookies='user=admin&id=1'
• add timeout
  $ python3 scant3r -u 'http://localhost/?l=13' --timeout=1
• allow redirects (302,301)
  $ python3 scant3r -u 'http://localhost/?l=13' --allow-redirect
• sleeping
  $ python3 scant3r -u 'http://localhost/?l=13' --sleep=2
• debugging mood
  $ python3 scant3r -u 'http://localhost/?l=13' --debug
• scanning all headers
  $ python3 scant3r -u 'http://localhost/?l=13' --scan-headers
• skip headers
  $ python3 scant3r -u 'http://localhost/?l=13' --skip-headers
• add custom user-agent
  $ python3 scant3r -u 'http://localhost/?l=13' --user-agent='CustomUseragent(v2)'
• add encoding
  $ python3 scant3r -u 'http://localhost/?l=13' --encode=2
• add proxy
  $ python3 scant3r -u 'http://localhost/?l=13' --proxy='http://localhost:8080'
• run your own module
  $ python3 scant3r -u 'http://localhost/?l=13' --module=dumper.py
• add urls list
  $ python3 scant3r --list urls.txt --threads=40

For Testing :

• $ ./scant3r -u 'http://test.vulnweb.com/search.php?test=query' --data='searchFor=scant3r&goButton=go'
• $ ./scant3r -u 'http://test.vulnweb.com/artists.php?artist=1'
• $ ./scant3r -u 'https://menacoderrr.pythonanywhere.com/'