{"id":15067196,"url":"https://github.com/securefeds/web_sloth","last_synced_at":"2026-01-03T10:06:11.661Z","repository":{"id":257015490,"uuid":"857084441","full_name":"secuRefeds/web_sloth","owner":"secuRefeds","description":"A comprehensive multi-vulnerability scanner ","archived":false,"fork":false,"pushed_at":"2024-09-14T06:18:47.000Z","size":483,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-22T16:22:50.605Z","etag":null,"topics":["hacktoberfest","linux","payloads","python","python3","script","securefeds","vulnerability","vulnerability-detection","vulnerability-scanners","web","websitehacking"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/secuRefeds.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-09-13T19:13:38.000Z","updated_at":"2024-09-14T06:18:50.000Z","dependencies_parsed_at":null,"dependency_job_id":"015483fe-cee5-4a62-8e1e-f58b9db46b55","html_url":"https://github.com/secuRefeds/web_sloth","commit_stats":null,"previous_names":["securefeds/web_sloth"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secuRefeds%2Fweb_sloth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secuRefeds%2Fweb_sloth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secuRefeds%2Fweb_sloth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/secuRefeds%2Fweb_sloth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/secuRefeds","download_url":"https://codeload.github.com/secuRefeds/web_sloth/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243822309,"owners_count":20353498,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacktoberfest","linux","payloads","python","python3","script","securefeds","vulnerability","vulnerability-detection","vulnerability-scanners","web","websitehacking"],"created_at":"2024-09-25T01:18:04.346Z","updated_at":"2026-01-03T10:06:11.649Z","avatar_url":"https://github.com/secuRefeds.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"![Web Sloth Banner](https://github.com/secuRefeds/web_sloth/blob/main/banner.png)\n\n\n# **web_sloth: Multi-Vulnerability Web Scanner**\n\n**web_sloth** is a powerful and versatile vulnerability scanner designed to detect various security issues in web applications, including Local File Inclusion (LFI), Open Redirects (OR), SQL Injection (SQLi), and Cross-Site Scripting (XSS). This tool, developed by **OSPOKS** and **M0SAIF-ANTNET**, is intended for security researchers, developers, and ethical hackers to assess the security of their web applications.\n\n## **Features**\n\n- **LFI Scanner**: Detects vulnerabilities allowing unauthorized access to files on the server.\n- **Open Redirect Scanner**: Identifies potential open redirects that could be exploited to direct users to malicious sites.\n- **SQL Injection Scanner**: Uncovers weaknesses that may permit attackers to execute arbitrary SQL queries on a database.\n- **XSS Scanner**: Locates XSS vulnerabilities that could enable attackers to inject malicious scripts into web pages.\n- **Multi-threaded Scanning**: Enhances scanning efficiency by using multiple threads for faster operation.\n- **Custom Payloads**: Enables users to provide tailored attack payloads for specific vulnerability types.\n- **Custom Success Criteria**: Allows users to define specific conditions for identifying successful exploitation attempts.\n- **Command-line Interface (CLI)**: A simple and intuitive CLI for fast and efficient scanning.\n- **Vulnerable URL Storage**: Saves vulnerable URLs discovered during the scan for future analysis.\n\n## **System Requirements**\n\nBefore using **web_sloth**, ensure the following dependencies are installed:\n\n- **Python 3.x**\n- `webdriver_manager==4.0.2`\n- `selenium==4.24.0`\n- `aiohttp==3.10.5`\n- `beautifulsoup4==4.12.3`\n- `colorama==0.4.6`\n- `rich==12.6.0`\n- `requests==2.28.1`\n\n## **Installation Instructions**\n\nFollow these steps to install and set up **web_sloth**:\n\n1. **Clone the repository:**\n\n   ```bash\n   git clone https://github.com/secuRefeds/web_sloth.git\n   cd web_sloth\n   ```\n\n2. **Install the required dependencies:**\n\n   ```bash\n   pip install -r requirements.txt\n   ```\n\n## **Usage**\n\nTo start using **web_sloth**, follow these steps:\n\n1. **Run the tool**:\n\n   ```bash\n   python web_sloth.py\n   ```\n\n2. **Input options**:\n   - **URL Input**: Provide a single URL or a file containing multiple URLs to scan.\n   - **Payload Selection**: Choose or supply a custom payload file targeting specific vulnerabilities.\n   - **Success Criteria**: Define patterns or indicators that signal a successful exploitation attempt.\n   - **Concurrent Threads**: Set the number of threads to control the scanning speed and performance.\n   - **Results Output**: View the real-time scan results on the terminal and save the identified vulnerable URLs to a file for further analysis.\n\n## **Customization Options**\n\n**web_sloth** offers several customization features to cater to specific needs:\n\n- **Custom Payloads**: Modify or create your own payloads to target specific vulnerabilities more effectively.\n- **Success Criteria**: Customize the success indicators to identify exploitation attempts based on unique error messages or specific responses.\n- **Multi-threading**: Adjust the number of threads to improve scanning performance based on the available system resources.\n\n## **Disclaimer**\n\n**web_sloth** is designed for educational and ethical purposes only. Users must have explicit permission to test the security of any web application. Unauthorized scanning or exploitation of third-party systems is illegal and against the ethical principles of cybersecurity.\n\n## **Contributors**\n\n- **OSPOKS**\n- **M0SAIF-ANTNET**\n\n## **License**\n\nThis project is licensed under the **Apache License 2.0**. See the [LICENSE](LICENSE) file for more information.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsecurefeds%2Fweb_sloth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsecurefeds%2Fweb_sloth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsecurefeds%2Fweb_sloth/lists"}