Releases: faizzyhon/BUGSCANNER---PHP-Web-Security-Scanner-for-Bug-Bounty-Penetration-Testing
Release list
BugScanner v2.1
4 new scanner modules:
scanners/recon.py — Runs first on any URL. Resolves IP, does reverse DNS, pulls DNS records (A/MX/NS/TXT/CNAME/SOA via dnspython), Whois lookup, SSL/TLS certificate analysis, geolocation via ip-api.com, WAF detection against 10 WAF fingerprint libraries. Emits a RECON_JSON: line to stdout for the web GUI.
scanners/port_scanner.py — Scans 70 common ports concurrently (50 threads, 2.5s timeout). Grabs service banners. Classifies ports as CRITICAL (internet-exposed datastores like MongoDB, Redis, Elasticsearch), HIGH (RDP, MySQL, SMB), or INFO. Emits PORT_JSON:.
scanners/tech_detector.py — Fingerprints 80+ technologies from HTTP headers, HTML body, cookies, meta tags, and script URLs. Covers CMS (WordPress/Joomla/Drupal/Magento/Shopify…), frameworks (Laravel/Django/Rails/Spring/Next.js/React/Vue…), servers (Nginx/Apache/IIS/Tomcat/WebLogic…), JS libs, CDNs, analytics, payments. Emits TECH_JSON:.
scanners/cve_scanner.py — Queries NIST NVD API v2.0 (free, no key) for CVEs matching each detected technology. Runs 9 active exploit PoC tests: Drupalgeddon2, Laravel Ignition, Spring4Shell, Log4Shell, Joomla RCE, WordPress XMLRPC + user enum, phpMyAdmin exposure, Elasticsearch/MongoDB no-auth. Emits CVE_JSON:.
Updated files:
main.py — Added INTEL_REGISTRY, Phase-0 scan loop (runs recon→ports→tech→cve before vuln modules), --skip-recon, --skip-ports, --nvd-key flags. TechDetector passes self.technologies to CVEScanner.
web_gui.py — New 🔍 Intel tab in UI showing live cards for Host/IP, Geolocation, SSL, WAF, DNS records, open ports table, tech stack grid, CVE table. _detect_finding() now intercepts RECON_JSON:/PORT_JSON:/TECH_JSON:/CVE_JSON: and emits them as typed SSE events. Sidebar has Phase-0 toggles. scan_start route passes --skip-recon/--skip-ports to CLI.
requirements.txt — Added dnspython>=2.6.0 and python-whois>=0.9.4.
README.md — Fully rewritten with v2.0 feature matrix, architecture diagram, all commands.
commands.txt — Complete command reference with 50+ ready-to-paste commands covering every scenario.
Full Changelog: BugScanner-v2...v2.1
BUGSCANNER v2.0
All bugs are fixed. Here's a summary of every change made:
web_gui.py — Queue isolation
scan_queues[scan_id] = queue.Queue() now created in scan_start() before the thread launches
run_scan() uses a local q = scan_queues[scan_id] for all .put() calls (no more global scan_queue)
_detect_finding() guards with if scan_id in scan_queues: before putting
scan_stream() fetches the correct queue via scan_queues.get(scan_id), returns an error event if the scan_id doesn't exist, and cleans up the queue entry on done/error/timeout
ai_scanner.py — Import cleanup + logic fix
Removed unused import hashlib, urlencode, and from rich import print as rprint
Moved import base64 to module top level (was inside a function body)
Fixed ask_json partial recovery loop: each closing bracket (} and ]) is now tried independently with its own try/except, so a failed } parse no longer silently swallows the ] attempt
reporter/generator.py — ReportLab API fixes
sev_color.hexval().lstrip("#") → sev_color.hexval()[2:] — hexval() returns "0xRRGGBB", so [2:] strips the 0x prefix correctly
"ROWBACKGROUND" → "ROWBACKGROUNDS" (both occurrences) — the correct ReportLab TableStyle constant name
utils/auth.py — Redirect detection
if resp.status_code in (301, 302, 303) and resp.history: → if resp.history: — since _post() uses allow_redirects=True, the final response status is already 200; the redirect is detected via resp.history (non-empty when redirects occurred), and resp.url gives the actual final destination URL