https://github.com/taleblou/urlvulnerabilityscanner_python
This Python script scans URLs for vulnerabilities like SQL injection, XSS, open ports, weak session management, and more. It generates a CSV report with detailed findings. Use it for authorized security testing to identify risks and improve website defenses.
https://github.com/taleblou/urlvulnerabilityscanner_python
authorized injection vulnerabilities xss
Last synced: about 1 year ago
JSON representation
This Python script scans URLs for vulnerabilities like SQL injection, XSS, open ports, weak session management, and more. It generates a CSV report with detailed findings. Use it for authorized security testing to identify risks and improve website defenses.
- Host: GitHub
- URL: https://github.com/taleblou/urlvulnerabilityscanner_python
- Owner: taleblou
- License: mit
- Created: 2025-01-16T08:38:13.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2025-01-16T08:40:15.000Z (over 1 year ago)
- Last Synced: 2025-02-08T14:16:11.181Z (over 1 year ago)
- Topics: authorized, injection, vulnerabilities, xss
- Language: Python
- Homepage: https://taleblou.ir/
- Size: 7.81 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
## **URL Vulnerability Scanner**
This script scans a given URL for common vulnerabilities and generates a detailed vulnerability report in CSV format. It performs various security checks, including SQL injection, XSS, directory traversal, open ports, and more.
---
## **Features**
1. **SQL Injection Detection**: Identifies SQL vulnerabilities by injecting common payloads.
2. **Cross-Site Scripting (XSS)**: Detects possible XSS vulnerabilities using common scripts.
3. **Directory Traversal**: Tests for access to restricted directories.
4. **Open Directory Check**: Scans for open directory indexes.
5. **Subdomain Discovery**: Identifies accessible subdomains.
6. **Port Scanning**: Checks for open ports like 21, 22, 80, 443, 8080\.
7. **Sensitive Endpoint Discovery**: Searches for exposed sensitive endpoints.
8. **HTTP Security Headers**: Analyzes the presence of essential HTTP security headers.
9. **Command Injection**: Tests for command execution vulnerabilities.
10. **CSRF Token Check**: Detects forms without anti-CSRF tokens.
11. **SSL/TLS Configuration**: Validates SSL certificates and checks expiration.
12. **Open Redirect**: Identifies potential redirect vulnerabilities.
13. **File Upload Vulnerabilities**: Tests upload functionality for security flaws.
14. **Directory Enumeration**: Enumerates common directories for accessibility.
15. **Weak Session Management**: Verifies secure cookie flags.
16. **Exposed API Endpoints**: Discovers unprotected API endpoints.
17. **Access Control Flaws**: Checks for unauthorized access to restricted areas.
18. **Parameter Tampering**: Verifies server behavior on modified parameters.
19. **Rate Limiting**: Checks for rate-limiting mechanisms.
---
## **Requirements**
* **Python 3.6+**
* Libraries:
* `requests`
* `pandas`
* `urllib.parse`
* `socket`
* `ssl`
---
## **Installation**
1. Clone the repository or download the script.
Install dependencies using pip:
bash
Copy code
`pip install requests pandas`
2.
---
## **Usage**
1. Replace the `target_url` variable with the URL you want to scan.
Run the script:
bash
Copy code
`python vulnerability_scanner.py`
2.
3. The results will be saved to `vulnerability_report.csv`.
---
## **Configuration**
* **Output File**: Set the `output_file` parameter to specify the CSV file name.
* **Custom Payloads**: Modify the payload lists in the script for SQL, XSS, command injection, etc., to include custom tests.
* **Subdomains and Endpoints**: Edit the `subdomains` and `endpoints` lists to include more test cases.
---
## **Notes**
* Ensure you have permission to scan the target domain. Unauthorized scanning may violate laws or terms of service.
* The script provides a basic vulnerability scan and should not replace comprehensive security testing.
---
## **Example Output**
A sample `vulnerability_report.csv` might look like this:
| URL | Vulnerability Type | Payload | Details |
| ----- | ----- | ----- | ----- |
| https://example.com?test=' | SQL Injection | `'` | Detected SQL syntax error. |
| https://example.com/upload | File Upload | `test.php` | Uploaded PHP file executed. |
| https://admin.example.com | Exposed Subdomain | `N/A` | Subdomain is accessible. |
| https://example.com:443 | Open Port | `Port 443` | Port 443 is open. |
---
## **Disclaimer**
This tool is for educational and authorized testing purposes only. Do not use it on systems you do not own or have explicit permission to test.