{"id":13539747,"url":"https://github.com/abhisharma404/vault","last_synced_at":"2025-04-02T06:31:28.122Z","repository":{"id":53252740,"uuid":"148347162","full_name":"abhisharma404/vault","owner":"abhisharma404","description":"swiss army knife for hackers","archived":false,"fork":false,"pushed_at":"2023-07-18T01:39:20.000Z","size":750,"stargazers_count":512,"open_issues_count":9,"forks_count":94,"subscribers_count":26,"default_branch":"master","last_synced_at":"2024-11-03T04:32:43.912Z","etag":null,"topics":["crawler","fuzzing","hacking","hacking-tool","information-gathering","lfi","networking","offensive-security","osint","pentesting","port-scanner","python","rfi","scanner","scrapy","security","sqlite","ssl-inspection","vault","xss-vulnerability"],"latest_commit_sha":null,"homepage":"https://abhisharma404.github.io/vault","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/abhisharma404.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-09-11T16:30:18.000Z","updated_at":"2024-11-01T09:49:24.000Z","dependencies_parsed_at":"2024-08-01T09:23:37.237Z","dependency_job_id":"9facf5eb-219f-4155-a438-a75ce55599ae","html_url":"https://github.com/abhisharma404/vault","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abhisharma404%2Fvault","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abhisharma404%2Fvault/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abhisharma404%2Fvault/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abhisharma404%2Fvault/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/abhisharma404","download_url":"https://codeload.github.com/abhisharma404/vault/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246767962,"owners_count":20830581,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["crawler","fuzzing","hacking","hacking-tool","information-gathering","lfi","networking","offensive-security","osint","pentesting","port-scanner","python","rfi","scanner","scrapy","security","sqlite","ssl-inspection","vault","xss-vulnerability"],"created_at":"2024-08-01T09:01:31.337Z","updated_at":"2025-04-02T06:31:23.112Z","avatar_url":"https://github.com/abhisharma404.png","language":"Python","funding_links":[],"categories":["\u003ca id=\"8f92ead9997a4b68d06a9acf9b01ef63\"\u003e\u003c/a\u003e扫描器\u0026\u0026安全扫描\u0026\u0026App扫描\u0026\u0026漏洞扫描","Python","\u003ca id=\"132036452bfacf61471e3ea0b7bf7a55\"\u003e\u003c/a\u003e工具"],"sub_categories":["\u003ca id=\"de63a029bda6a7e429af272f291bb769\"\u003e\u003c/a\u003e未分类-Scanner"],"readme":"# VAULT\n#### Swiss army knife for hackers\n\n[![Codacy Badge](https://api.codacy.com/project/badge/Grade/740204dd950c4e49841c94f2c32af78a)](https://app.codacy.com/app/abhisharma404/vault_scanner?utm_source=github.com\u0026utm_medium=referral\u0026utm_content=abhisharma404/vault_scanner\u0026utm_campaign=Badge_Grade_Dashboard)\n[![GitHub](https://img.shields.io/github/license/mashape/apistatus.svg)](https://github.com/abhisharma404/vault_scanner)\n[![Join the chat at https://gitter.im/vault_scanner/kwoc](https://badges.gitter.im/vault_scanner/Lobby.svg)](https://gitter.im/vault_scanner/Lobby?utm_source=badge\u0026utm_medium=badge\u0026utm_campaign=pr-badge\u0026utm_content=badge) ![Python](https://img.shields.io/badge/python-%3E%3D3-brightgreen.svg)\n![version](https://img.shields.io/badge/version-0.1.0-yellow.svg)\n![support](https://img.shields.io/badge/OS-Linux-orange.svg)\n[![Documentation Status](https://readthedocs.org/projects/vault-scanner/badge/?version=latest)](https://vault-scanner.readthedocs.io/en/latest/?badge=latest)\n\n\n## Table of contents\n- [Getting Started](#getting-started)\n- [Features](#features)\n- [Usage](#usage)\n- [Screenshot](#screenshot)\n- [Contributing](#contributing)\n- [License](#license)\n\n## Getting Started\n\n#### Steps to setup :\n\n1. `git clone \u003cyour-fork-url\u003e`\n2. `cd vault`\n3. `sudo apt-get install python3-pip`\n4. `sudo pip3 install virtualenv`\n5. `virtualenv venv`\n6. `source venv/bin/activate`\n7. `pip3 install -r requirements.txt`\n\n#### Starting Vault :\n\n1. `cd vault/src`\n2. `python3 vault.py`\n\n## Features\n* #### Scan website for the following vulnerabilities\n- [x] XSS\n- [x] LFI\n- [ ] RFI\n- [ ] SQLi\n\n* #### Scanner\n- [x] Port scanning : ACK, FIN, NULL, XMAS\n- [x] IP scanning : Ping Sweep, ARP\n- [x] SSL vulnerability scan\n- [x] OS scan\n- [x] Hash scanner : MD5, SHA1, SHA224, SHA256, SHA512\n\n* #### Others\n- Information Gathering\n  - [x] Clickjacking\n  - [x] jQuery version checking\n  - [x] Insecure cookie flags\n  - [x] Testing HTTP methods\n  - [x] Insecure headers\n  - [x] Header/banner grabbing\n  - Finder\n    - [x] Find comments in source code\n    - [x] Find e-mails in source code\n- [ ] Session fixation through cookie injection\n- [x] Brute force login through authorization headers\n- [x] URL Fuzzer\n- [x] WHOIS Lookup\n- [x] Google Dork\n- [ ] Error handler checker\n- [x] Admin panel finder\n- [x] Open redirect vulnerability\n- [x] CMS Detection\n- [x] Detect Honeypots\n- [ ] Detect DDoS attack\n- [ ] Detect De-authentication attack\n- [ ] Detect ARP spoof attack\n\n* #### Crawling\n- [x] Crawl a website and collect all the links\n- [x] Crawl and scrape the website for images\n\n* #### Attacks\n- [x] DDoS Attack\n- [x] ARP Spoofer\n- [ ] DNS Spoofer\n- [x] De-authentication attack\n- [ ] Network disassociation attack\n- [X] Ping of death\n- [x] MAC Flood attack\n\n* #### Utilities\n- [ ] Generate customized backdoor\n- [ ] Data monitoring\n- [X] Keylogger\n- [ ] SSH Tunelling\n- [ ] Generate sitemap\n- [x] MAC address changer\n- [ ] Trace route\n\n## Usage\n\n```\nusage: vault.py [-h] [-u URL] [-p PORT] [-sp START_PORT] [-ep END_PORT] [-ssl]\n                [-info] [-comment] [-email] [-fuzz] [-ip IP] [-t THREADS]\n                [-i INTERFACE] [-source_port SOURCE_PORT] [-fin] [-null]\n                [-ack] [-xmas] [-os_scan] [-xss] [-this] [-ping_sweep] [-arp]\n                [-ip_start_range IP_START_RANGE] [-ip_end_range IP_END_RANGE]\n                [-lfi] [-whois] [-o OUTPUT] [-d DORK] [-ddos] [-mac_flood]\n                [-interval INTERVAL] [-cr] [-cri] [-all] [-exclude EXCLUDE]\n                [-admin] [-orv] [-keylogger] [-host HOST] [-username USERNAME]\n                [-password PASSWORD] [-sender SENDER]\n                [-destination DESTINATION] [-arp_spoof] [-jquery]\n                [-ping_death] [-bruteforce] [-hash] [-md5] [-sha1] [-sha224]\n                [-sha256] [-sha512] [-dir DIR] [-detect_cms] [-change_mac]\n                [-mac MAC] [-honey] [-target_bssid TARGET_BSSID] [-deauth]\n\nVAULT\n\noptional arguments:\n  -h, --help            show this help message and exit\n  -u URL, --url URL     URL for scanning\n  -p PORT, --port PORT  Single port for scanning\n  -sp START_PORT, --start_port START_PORT\n                        Start port for scanning\n  -ep END_PORT, --end_port END_PORT\n                        End port for scanning\n  -ssl                  perform SSL scan\n  -info                 Gather information\n  -comment              Finding comments\n  -email                Finding emails\n  -fuzz                 Fuzzing URL\n  -ip IP, --ip IP       IP address for port scanning\n  -t THREADS, --threads THREADS\n                        Number of threads to use\n  -i INTERFACE, --interface INTERFACE\n                        Networking Interface to use\n  -source_port SOURCE_PORT\n                        Source port for sending packets\n  -fin                  Perform FIN Scan\n  -null                 Perform NULL Scan\n  -ack                  Perform TCP ACK Scan\n  -xmas                 Perform XMAS Scan\n  -os_scan              Perform OS Scan\n  -xss                  Scan for XSS vulnerabilities\n  -this                 Only scan the given URL, do not crawl\n  -ping_sweep           ICMP ECHO request\n  -arp                  ARP Scan\n  -ip_start_range IP_START_RANGE\n                        Start range for scanning IP\n  -ip_end_range IP_END_RANGE\n                        End range for scanning IP\n  -lfi                  Scan for LFI vulnerabilities\n  -whois                perform a whois lookup of a given IP\n  -o OUTPUT, --output OUTPUT\n                        Output all data\n  -d DORK, --dork DORK  Perform google dorking\n  -ddos                 Perform DDoS attack\n  -mac_flood            Perform MAC Flooding attack\n  -interval INTERVAL    Interval time for sending packets\n  -cr                   For extracting links from a web page\n  -cri                  For extracting images from a Web page\n  -all                  Run all scans\n  -exclude EXCLUDE      Scans to exclude\n  -admin                Find admin panel on a given domain\n  -orv                  Test for open redirection Vulnerability\n  -keylogger            Capture keystrokes and send them by email\n  -host HOST            SMTP Host to use\n  -username USERNAME    Username to login\n  -password PASSWORD    Password to login\n  -sender SENDER        Email to send from\n  -destination DESTINATION\n                        Email to send to\n  -arp_spoof            ARP Spoofing\n  -jquery               Check jQuery version and get vulnerabilities\n  -ping_death           Perform ping of death attack\n  -bruteforce           Perform brute force attack through\n                        Authorizationheaders\n  -hash                 Start hash scan\n  -md5                  Scan MD5\n  -sha1                 Scan SHA1\n  -sha224               Scan SHA224\n  -sha256               Scan SHA256\n  -sha512               Scan SHA512\n  -dir DIR              Directory to scan\n  -detect_cms           Perform CMS Detection\n  -change_mac           Chnage MAC address\n  -mac MAC              New MAC address\n  -honey                Detect honeypot\n  -target_bssid TARGET_BSSID\n                        Target BSSID\n  -deauth               De-authentication attack\n```\n\nExample Usage : `python3 vault.py -u 'http://url' -info -comment -ssl -fuzz`\n\n## Screenshot\n![](logo/Initial_Setup.png)\n\n## Contributing\nAny and all contributions, [new-issues](https://github.com/abhisharma404/vault/issues/new/choose), [features](https://github.com/abhisharma404/vault/issues/new?template=feature_request.md) and tips are welcome.\nPlease refer to [`CONTRIBUTING.md`](https://github.com/abhisharma404/vault/blob/master/CONTRIBUTING.md) for more details.\n\n## License\n[![GitHub](https://img.shields.io/github/license/mashape/apistatus.svg)](https://github.com/abhisharma404/vault/blob/master/LICENSE.txt)\n\n### This project is currently a part of IIT KWoC 2018.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fabhisharma404%2Fvault","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fabhisharma404%2Fvault","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fabhisharma404%2Fvault/lists"}