Vulnerability Scanner With Custom Payload - PyScan-Scanner



REQUIRE
  • urllib2
  • BeautifulSoup
  • requests

START
  • Change database information
$bdd = new PDO('mysql:host=localhost;dbname=pyscan', 'user', 'password');
  • Update a Python gate
panel_url = "http://localhost/pyscan/"
gate_scraper = "cmd/gate.php"
gate_scanner = "cmd/scan.php"
gate_vuln = "cmd/vuln.php"
gate_payload = "panel/api/payload.php"
gate_database = "panel/api/database.php"

Upload the .SQL

mysql -u username -p database_name < file.sql

Login

Username: root
password: toor

Make payload !


Test payload

python pyscan.py -u "http://exemple.com/id=2" -s -p PAYLOAD_ID

Test all payload

python pyscan.py -u "http://exemple.com/id=2" -s --all

Import mass link


Test all link

python pyscan.py --database