{"id":19295689,"url":"https://github.com/swatv3nub/grim","last_synced_at":"2026-05-14T18:32:58.827Z","repository":{"id":278158980,"uuid":"934692566","full_name":"swatv3nub/Grim","owner":"swatv3nub","description":"GRIM - Information Gathering and Vulnerability Scanning Tool","archived":false,"fork":false,"pushed_at":"2025-10-06T03:09:25.000Z","size":198,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"Alpha","last_synced_at":"2025-10-06T05:31:34.066Z","etag":null,"topics":["enumeration","web"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/swatv3nub.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-02-18T08:55:35.000Z","updated_at":"2025-08-27T08:44:48.000Z","dependencies_parsed_at":"2025-02-18T10:35:16.615Z","dependency_job_id":"1bb5d896-11a7-4fd9-94c5-a39642345d13","html_url":"https://github.com/swatv3nub/Grim","commit_stats":null,"previous_names":["swatv3nub/grim"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/swatv3nub/Grim","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swatv3nub%2FGrim","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swatv3nub%2FGrim/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swatv3nub%2FGrim/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swatv3nub%2FGrim/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/swatv3nub","download_url":"https://codeload.github.com/swatv3nub/Grim/tar.gz/refs/heads/Alpha","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swatv3nub%2FGrim/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33037838,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-13T13:14:54.681Z","status":"online","status_checked_at":"2026-05-14T02:00:06.663Z","response_time":57,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["enumeration","web"],"created_at":"2024-11-09T22:44:10.692Z","updated_at":"2026-05-14T18:32:58.815Z","avatar_url":"https://github.com/swatv3nub.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# GRIM Security Scanner v4.0.0\n\nšŸ”’ **Advanced Information Gathering and Vulnerability Scanning Tool**\n\n[![PHP Version](https://img.shields.io/badge/PHP-8.0+-blue.svg)](https://php.net)\n[![License](https://img.shields.io/badge/License-GPL--3.0-green.svg)](https://opensource.org/licenses/GPL-3.0)\n[![Build Status](https://img.shields.io/badge/Build-Passing-brightgreen.svg)](https://github.com/swatv3nub/Grim)\n\n## šŸš€ What's New in v4.0.0\n\n- **Modern PHP Architecture**: Complete rewrite using PHP 8.0+ features\n- **Object-Oriented Design**: Clean, maintainable code with proper separation of concerns\n- **Composer Integration**: Modern dependency management\n- **CLI Interface**: Professional command-line interface using Symfony Console\n- **Advanced Logging**: Comprehensive logging with Monolog\n- **Multiple Export Formats**: JSON, CSV, HTML, XML, and Markdown\n- **Rate Limiting**: Built-in request rate limiting to avoid detection\n- **Configuration Management**: Environment-based configuration system\n- **Error Handling**: Robust error handling and recovery\n- **Testing Support**: PHPUnit integration for testing\n\n## āœØ Features\n\n### šŸ” Information Gathering\n- **Domain Intelligence**: WHOIS, DNS, GeoIP, and subdomain discovery\n- **Technology Detection**: Web servers, CMS, frameworks, and programming languages\n- **Social Media Analysis**: Social media presence and link discovery\n- **Email Intelligence**: MX records and email address enumeration\n- **Cloud Infrastructure**: AWS, Azure, GCP, and CDN detection\n- **Port Scanning**: Open port detection and service identification\n\n### šŸšØ Vulnerability Scanning\n- **SQL Injection**: Comprehensive SQL injection detection with multiple payloads\n- **Cross-Site Scripting (XSS)**: Reflected and stored XSS detection\n- **File Inclusion**: Local and Remote File Inclusion (LFI/RFI) detection\n- **Server-Side Request Forgery (SSRF)**: Internal network access detection\n- **Command Injection**: OS command execution vulnerability detection\n- **Cross-Site Request Forgery (CSRF)**: Missing CSRF token detection\n- **Insecure Direct Object References (IDOR)**: Access control bypass detection\n- **Open Redirects**: Unsafe redirect vulnerability detection\n- **XML External Entity (XXE)**: XML parsing vulnerability detection\n- **Email Header Injection**: CRLF injection and header manipulation detection\n\n### šŸ•·ļø Web Crawling\n- **Admin Panel Discovery**: Common admin panel path enumeration\n- **Backup File Detection**: Backup and configuration file discovery\n- **Directory Traversal**: File system access path discovery\n- **Custom Wordlists**: Extensible wordlist system for custom scans\n\n### šŸ“Š Reporting \u0026 Export\n- **Multiple Formats**: JSON, CSV, HTML, XML, and Markdown export\n- **Beautiful Reports**: Professional HTML reports with modern styling\n- **Structured Data**: Machine-readable output for automation\n- **Custom Filenames**: Configurable output file naming\n\n## šŸ› ļø Installation\n\n### Prerequisites\n- PHP 8.0 or higher\n- Composer\n- cURL extension\n- DOM extension\n- JSON extension\n- MBString extension\n\n### Quick Install\n```bash\n# Clone the repository\ngit clone https://github.com/swatv3nub/grim.git\ncd grim\n\n# Install dependencies\ncomposer install\n\n# Copy environment configuration\ncp env.example .env\n\n# Edit configuration\nnano .env\n```\n\n### Manual Installation\n```bash\n# Install PHP extensions (Ubuntu/Debian)\nsudo apt-get update\nsudo apt-get install php8.0-curl php8.0-dom php8.0-json php8.0-mbstring\n\n# Install PHP extensions (CentOS/RHEL)\nsudo yum install php-curl php-dom php-json php-mbstring\n\n# Install Composer\ncurl -sS https://getcomposer.org/installer | php\nsudo mv composer.phar /usr/local/bin/composer\n```\n\n## āš™ļø Configuration\n\n### Environment Variables\nCreate a `.env` file in the project root:\n\n```env\n# API Keys\nVIEWDNS_API_KEY=your_viewdns_api_key_here\nMOZ_ACCESS_ID=your_moz_access_id_here\nMOZ_SECRET_KEY=your_moz_secret_key_here\n\n# Scanner Configuration\nSCAN_TIMEOUT=30\nMAX_CONCURRENT_SCANS=5\nUSER_AGENT=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36\n\n# Security Settings\nENABLE_RATE_LIMITING=true\nMAX_REQUESTS_PER_MINUTE=60\n\n# Output Configuration\nSAVE_RESULTS=true\nRESULTS_DIR=results/\nEXPORT_FORMATS=json,csv,html\n\n# Logging\nLOG_LEVEL=INFO\nLOG_FILE=logs/grim.log\n```\n\n### API Keys\n- **ViewDNS**: Get your API key from [ViewDNS](https://viewdns.info/api/)\n- **Moz**: Get your API credentials from [Moz](https://moz.com/products/api)\n\n## šŸš€ Usage\n\n\u003e šŸ“š **Need examples?** Check out our comprehensive [Usage Examples](examples/usage-examples.md) for detailed command examples and real-world scenarios.\n\n### Basic Scan\n```bash\n# Run a full scan\nphp grim-new.php scan --target example.com\n\n# Run with custom options\nphp grim-new.php scan \\\n --target example.com \\\n --export html \\\n --output my_scan \\\n --verbose\n```\n\n### Scan Options\n```bash\n# Disable specific scanners\nphp grim-new.php scan --target example.com --no-vuln --no-crawl\n\n# Custom timeout and delay\nphp grim-new.php scan --target example.com --timeout 60 --delay 2\n\n# Export to multiple formats\nphp grim-new.php scan --target example.com --export all\n```\n\n### Command Reference\n```bash\n# Show help\nphp grim-new.php --help\n\n# Show scan command help\nphp grim-new.php scan --help\n\n# List available commands\nphp grim-new.php list\n```\n\n## šŸ“ Project Structure\n\n```\ngrim/\nā”œā”€ā”€ src/ # Source code\nā”‚ ā”œā”€ā”€ Command/ # CLI commands\nā”‚ ā”œā”€ā”€ Config/ # Configuration management\nā”‚ ā”œā”€ā”€ Scanner/ # Scanner implementations\nā”‚ ā””ā”€ā”€ Utils/ # Utility classes\nā”œā”€ā”€ config/ # Configuration files\nā”œā”€ā”€ crawl/ # Crawling wordlists\nā”œā”€ā”€ logs/ # Log files\nā”œā”€ā”€ results/ # Scan results\nā”œā”€ā”€ tests/ # Test files\nā”œā”€ā”€ vendor/ # Composer dependencies\nā”œā”€ā”€ .env # Environment configuration\nā”œā”€ā”€ composer.json # Composer configuration\nā”œā”€ā”€ grim-new.php # Main entry point\nā””ā”€ā”€ README.md # This file\n```\n\n## šŸ”§ Development\n\n### Running Tests\n```bash\n# Run all tests\ncomposer test\n\n# Run specific test\nvendor/bin/phpunit tests/Scanner/VulnerabilityScannerTest.php\n\n# Generate coverage report\nvendor/bin/phpunit --coverage-html coverage/\n```\n\n### Code Quality\n```bash\n# Static analysis\ncomposer analyze\n\n# Code style check\ncomposer cs\n\n# Fix code style\ncomposer cs-fix\n```\n\n### Adding New Scanners\n1. Create a new scanner class extending `Scanner`\n2. Implement required methods: `initialize()`, `scan()`, `getName()`\n3. Add the scanner to the main application\n4. Write tests for the new scanner\n\nExample:\n```php\n\u003c?php\n\nnamespace Grim\\Scanner;\n\nclass CustomScanner extends Scanner\n{\n protected function initialize(): void\n {\n // Initialize your scanner\n }\n\n public function scan(): array\n {\n // Implement your scanning logic\n return $this-\u003eresults;\n }\n\n public function getName(): string\n {\n return 'Custom Scanner';\n }\n}\n```\n\n## šŸ“Š Output Examples\n\n### JSON Export\n```json\n{\n \"target\": \"example.com\",\n \"scan_start\": \"2024-01-15 10:00:00\",\n \"scan_end\": \"2024-01-15 10:05:30\",\n \"duration\": \"5 minutes 30 seconds\",\n \"scanners\": {\n \"information_gathering\": {\n \"basic\": {\n \"domain\": \"example.com\",\n \"ip_address\": \"93.184.216.34\"\n }\n },\n \"vulnerability_scan\": [\n {\n \"type\": \"sql_injection\",\n \"description\": \"Potential SQL Injection vulnerability detected\",\n \"severity\": \"vulnerability\",\n \"details\": {\n \"payload\": \"' OR '1'='1\",\n \"url\": \"http://example.com/?id=' OR '1'='1\"\n }\n }\n ]\n }\n}\n```\n\n### HTML Report\nThe HTML export generates beautiful, professional reports with:\n- Modern, responsive design\n- Color-coded severity indicators\n- Interactive elements\n- Professional styling\n- Exportable sections\n\n## šŸ¤ Contributing\n\nWe welcome contributions! Please see our [Contributing Guide](CONTRIBUTING.md) for details.\n\n### Development Setup\n```bash\n# Fork and clone the repository\ngit clone https://github.com/your-username/grim.git\ncd grim\n\n# Install development dependencies\ncomposer install --dev\n\n# Create feature branch\ngit checkout -b feature/amazing-feature\n\n# Make your changes and test\ncomposer test\n\n# Commit and push\ngit commit -m \"Add amazing feature\"\ngit push origin feature/amazing-feature\n\n# Create Pull Request\n```\n\n## šŸ“ License\n\nThis project is licensed under the GNU General Public License v3.0 - see the [LICENSE](LICENSE) file for details.\n\n## āš ļø Disclaimer\n\nThis tool is designed for **educational purposes** and **authorized security testing** only. Users are responsible for ensuring they have proper authorization before scanning any systems. The developers are not responsible for any misuse of this tool.\n\n## šŸ™ Acknowledgments\n\n- Original GRIM developers for the foundation\n- PHP community for excellent libraries\n- Security researchers for vulnerability knowledge\n- Open source contributors\n\n## šŸ“ž Support\n\n- **Issues**: [GitHub Issues](https://github.com/swatv3nub/grim/issues)\n- **Discussions**: [GitHub Discussions](https://github.com/swatv3nub/grim/discussions)\n- **Wiki**: [GitHub Wiki](https://github.com/swatv3nub/grim/wiki)\n\n## šŸ”„ Changelog\n\n### v4.0.0 (2035-08-22)\n- Complete codebase rewrite\n- Modern PHP 8.0+ architecture\n- Composer integration\n- CLI interface\n- Advanced logging\n- Multiple export formats\n- Rate limiting\n- Configuration management\n- Error handling improvements\n- Testing framework\n\n### v3.0.0 (Previous)\n- Basic vulnerability scanning\n- Information gathering\n- Web crawling\n- Simple CLI interface\n\n---\n\n**Made with ā¤ļø by the Swanit Anuran [MaskedVirus]**\n\n*Empowering security professionals with advanced scanning capabilities*\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fswatv3nub%2Fgrim","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fswatv3nub%2Fgrim","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fswatv3nub%2Fgrim/lists"}