Site Scanner | Web Application Vulnerability Assessment Tool

Site-Scanner icon

Site-Scanner

Web Application Vulnerability Assessment Tool.

Site-Scanner icon

:dart: Features

  • Basic Info: Quick site information (Load Time, IP Address, Server OS…).
  • Robots.txt Disallow Entries: Detection of Robots.txt and printing Disallow Entries.
  • CMS Detection & Vulnerability Report: Automatically identifies the CMS and generates a vulnerability report.
  • Admin Panel Auth Detection: Searches for common login page variations based on the detected CMS.
  • Directory Scanning: Searches for valid directories under the specified URL.
  • Security Headers Check: Checks for the presence of important security headers.
  • SSL Certificate Validation: Validates the SSL/TLS certificate for the domain, displaying issuer information, expiration date, and days until expiry.
  • Open Ports Scan: Scans open ports on the server.
  • Subdomain Scanning: Scans for subdomains of the specified URL.
  • SQL Injection Detection: Tests for SQL injection vulnerabilities in query parameters.
  • XSS Detection: Tests for cross-site scripting vulnerabilities.
  • User-Friendly Interface: Interactive and detailed shell menu.
  • Multi-Threaded: Efficiently performs tasks in the background using threading.

:zap: Getting Started

Prerequisites

  • Python 3.x.x
  • Required Python packages: requests, beautifulsoup4

Installation

  1. Clone the repository: git clone https://github.com/TalMaIka/Site-Scanner.git
  2. Navigate to the project directory: cd Site-Scanner
  3. Requirements Installation: pip install -r requirements.txt

:rocket: Usage

  1. Run the tool: python3 Site-Scanner.py / Proxychains proxychains python3 Site-Scanner.py
  2. Enter the URL of the website you wish to analyze.
  3. Choose tasks according to the menu.

GitHub:

8 Likes

What a great tool, Open-source as well,
You’ve got a star from me!.

1 Like

Hey @Prometheus Thank you for sharing my tool.
Today version 1.8.0 was released, Would be happy if you could update the thread with the latest version features according to the git repo.

Added features:

Subdomain Scanning: Scans for subdomains of the specified URL.
Security Headers Check: Checks for the presence of important security headers.
SSL Certificate Validation: Validates the SSL/TLS certificate for the domain, displaying issuer information, expiration date, and days until expiry.

Guys thank you for all the support and project stars, I really do apprichate this <3.

1 Like

Thanks, mate, Prometheus has nothing to do with it, if required then I will do it, and I appreciate your concern about updating the version.

There is no need to replace the link, because the Git repo never changes the link address, even if they do, it shall redirect to the updated repo automatically. I checked, and the given link throw you to the updated repo, Cheers! :slight_smile:

Got it. The image is broken because is related to the old version which been removed plus will not harm to show the updated features here on the thread even if the git clone will be the latest version.

Hey all, Some updates has been pushed to the repo. Enjoy.

1 Like