secscan-py - Web Apps Scanner and Much more utilities
SecScan is the Multithreading Web Vulnerability Scanner plus professional Utilities for penetrating testers.A compact Web Apps Vulnerable Scanner for amateur pentester.
Feature -
Utilities -
Stable version will covers -
Known bugs -
http://secscan-py.googlecode.com/files/SecScan-v1.1b
Download other versions-
http://code.google.com/p/secscan-py/downloads/list
Screenshot -
Feature -
SQLi, XSS, LFI, RFI
Admin/login finder, sub-domain finder, online/offline MD5 cracker, Router checker, local IP lookup
Stable version will covers -
auto SQL injector (bind with SlowQL) Fuzzer, Port/OS Scanner, MD5/SHA1 bruteforcer, MD5/SHA1 crypter,
Known bugs -
Still crash during MD5 dictionary attack on large lengths of text. XSS sometime gives false positive.
How to run -
To run: ./SecScan
bug issues report at: norske.drittsekk@gmail.com || digiopen55@gmail.com
Fix issues & upgrades:
- Crash during LFI & XSS scans
- More MD5 Dictionary cracking features & functions.
- Run more stable in SQL scan mode.
- Able to search more than 20 pages. (max is 90 to avoid cut off/CAPTCHA-request by search engine)
- more search engine choice. Default is still Ask Engine. (Bing & Yahoo are fine, not recommend Google API)
- More stealthy
- Random user-agent generator
Will add more in near-future:
- SQL injector (bind with my other project slowQL)
- MD5 bruteforcer (offline)
- SHA1 Dic/Brute cracker
- Hex viewer.
- Proxy finder
- Proxified mode
- Heuristic port & OS scanner (similar to N-map)
http://secscan-py.googlecode.com/files/SecScan-v1.1b
Download other versions-
http://code.google.com/p/secscan-py/downloads/list
Screenshot -
