Releases: ItsWanheda/SpectraScan
Release list
SpectraScan v2.0.0
SpectraScan v2.0.0
A major update introducing a full OSINT suite, report management system, improved platform compatibility, and modular architecture refactor.
Added
- Full OSINT suite:
- Domain Scanner
- IP Scanner
- Phone Scanner
- Email Scanner
- Image EXIF Scanner
- Link Sniffer
- Criminal Scanner
- Report Management System
- Save, append, read, and delete scan reports
- New CLI flags
-d,--domain-i,--ip--phone-e,--email--img-l,--link--crim-r,--read-report-del,--delete-report
Changed
- Refactored architecture into modular components
- Cleaned up color definitions and comments
- Added graceful fallbacks for external tools:
exiv2exiftoolshodan-cli
Fixed
- Fixed syntax error in
HTTPEnumerator.check_methods - Improved path portability with relative imports
- Improved ping/arp compatibility across Windows, Linux, and macOS
Documentation
- Expanded argparse help text with examples
- Added usage instructions for report management
New File
modules/phone_Locator.py
Notes
This release is intended for authorized security research, lab use, and educational purposes only.
SpectraScann v1.5.0 - Modular Edition
[v1.5.0] - 2026-06-12
Added
- Modular Architecture: Refactored codebase to support external plugins for better maintainability and scalability.
- Brute Forcing Module (
modules/brute_forcer.py):- Added dictionary-based brute-forcing for SSH and FTP services.
- Supports custom wordlists via
--wordlistargument. - Multi-threaded for faster credential testing.
- Vulnerability Scanner Module (
modules/vuln_scanner.py):- Integrated NVD API queries for real-time CVE detection.
- Checks service versions against known vulnerability databases.
- Activated via
--vuln-scanflag.
- Web Enumerator Module (
modules/web_enumerator.py):- Advanced directory and file fuzzing for HTTP/HTTPS services.
- Detects hidden paths, backups, and misconfigurations.
- Activated via
--web-enumflag.
- New CLI Arguments:
--brute-force: Enables credential testing.
--vuln-scan: Enables detailed CVE scanning.--web-enum: Enables web directory enumeration.--wordlist: Specifies path to dictionary files.
Changed
- Refactored
SpectraScan.py:- Removed inline logic for brute-forcing and web enumeration to reduce file size and complexity.
- Improved import handling to support optional dependencies (
paramiko,requests).
Fixed
- Resolved potential
ImportErrorissues by adding graceful fallbacks for optional modules.
Security
- Added rate-limiting and timeout controls to brute-force attempts to prevent account lockouts and excessive noise.
Full Changelog: v1.0.0...v1.5.0
v1.0.0 - Initial Release: Modular Architecture & Core Scanning Features
🎉 Welcome to the first official release of SpectraScann!
We are excited to announce the initial launch of SpectraScann, a high-performance, modular network security tool built with Python. This release focuses on establishing a clean, maintainable architecture while delivering powerful scanning capabilities for security professionals and enthusiasts.
This version introduces a completely refactored codebase, separating concerns into distinct modules for scanners, analyzers, and exporters. It provides a robust foundation for rapid network discovery, service enumeration, and vulnerability assessment.
🚀 Key Features in v1.0.0
🔍 Advanced Scanning Engine
Multi-Protocol Support: Full support for TCP Connect, SYN Stealth (requires root/admin), and UDP scanning.
High Performance: Utilizes concurrent.futures for multi-threaded scanning with configurable thread counts.
Timing Profiles: 6 distinct timing profiles (T0 to T5) ranging from "Paranoid" (slow/stealthy) to "Insane" (fast/aggressive).
Rate Limiting: Built-in rate limiter to prevent network congestion and reduce detection probability.
Decoy Scanning: Generate random decoy IPs to obscure the source address.
🛡️ Enumeration & Analysis
Service Detection: Automatic banner grabbing and service identification for common protocols (SSH, HTTP, FTP, SMB, MySQL, etc.).
OS Fingerprinting: Basic OS detection based on TTL values and response timing.
SSL/TLS Analysis: Checks for supported SSL/TLS versions, cipher suites, and potential vulnerabilities.
HTTP Enumeration: Checks for allowed HTTP methods, security headers, and common vulnerable paths.
Firewall Detection: Analyzes ICMP responses and TCP connectivity to detect firewalls or IDS.
🌐 Network Discovery
Ping Sweep: Fast discovery of live hosts in a subnet.
ARP Scan: Local network neighbor discovery.
Traceroute: Visualize the network path to the target.
DNS Enumeration: Retrieve A, AAAA, MX, NS, TXT, and CNAME records.
📊 Reporting & Output
Multiple Formats: Export detailed results to JSON, HTML, or CSV.
Real-time Console Output: Color-coded terminal output for easy readability.
📝 Known Issues & Future Roadmap
UDP Scanning: UDP scanning is inherently unreliable due to protocol limitations; results may vary.
Future Updates:
Add more detailed vulnerability checks (CVE integration).
Improve UDP scan reliability.
Add support for more advanced DNS enumeration techniques.
Implement a GUI interface.
🤝 Contributing
Contributions are welcome! Please feel free to submit a Pull Request or open an Issue for bugs and feature requests.
Happy Scanning! 🚀