https://github.com/whomrx666/xninjaz

Xninjaz is a powerful and versatile multi-vulnerability scanner designed to detect various web application vulnerabilities, including Local File Inclusion (LFI), Open Redirects (OR), SQL Injection (SQLi), and Cross-Site Scripting (XSS). This tool was created by Mr.X
https://github.com/whomrx666/xninjaz

kali-linux lfi-vulnerability linux or-scanner sql-vulnerability-scanner termux termux-tool vulnerabilities vulnerabilities-scanner xninjaz xss-vulnerability

Last synced: 24 days ago
JSON representation

Xninjaz is a powerful and versatile multi-vulnerability scanner designed to detect various web application vulnerabilities, including Local File Inclusion (LFI), Open Redirects (OR), SQL Injection (SQLi), and Cross-Site Scripting (XSS). This tool was created by Mr.X

• Host: GitHub
• URL: https://github.com/whomrx666/xninjaz
• Owner: Whomrx666
• Created: 2024-09-09T23:58:09.000Z (about 2 months ago)
• Default Branch: main
• Last Pushed: 2024-09-10T00:31:07.000Z (about 2 months ago)
• Last Synced: 2024-10-13T02:22:21.774Z (24 days ago)
• Topics: kali-linux, lfi-vulnerability, linux, or-scanner, sql-vulnerability-scanner, termux, termux-tool, vulnerabilities, vulnerabilities-scanner, xninjaz, xss-vulnerability
• Language: Python
• Homepage: https://whomrxhackers.blogspot.com
• Size: 1010 KB
• Stars: 4
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# Xninjaz

![Xninjaz preview](Xninjaz.jpg)

## introduction

Xninjaz is a powerful and versatile multi-vulnerability scanner designed to detect various web application vulnerabilities, including Local File Inclusion (LFI), Open Redirects (OR), SQL Injection (SQLi), and Cross-Site Scripting (XSS). This tool was created by Mr.X

## Instalations

```

$ pkg update -y && pkg upgrade -y

$ apt update -y && apt upgrade -y

$ pkg install git

$ pkg install python -y

$ git clone https://github.com/Whomrx666/Xninjaz.git

$ cd Xninjaz

$ pip install -r requirements.txt

$ python Xninjaz.py

```

## Features

- **LFI Scanner**: Detect Local File Inclusion vulnerabilities.

- **OR Scanner**: Identify Open Redirect vulnerabilities.

- **SQL Scanner**: Detect SQL Injection vulnerabilities.

- **XSS Scanner**: Identify Cross-Site Scripting vulnerabilities.

- **Multi-threaded scanning**: Improved performance through multi-threading.

- **Customizable payloads**: Adjust payloads to suit specific targets.

- **Success criteria**: Modify success detection criteria for specific use cases.

- **User-friendly command-line interface**: Simple and intuitive.

- **Save vulnerable URLs**: Option to save the results of vulnerable URLs to a file..

## Requirements

- **Python 3.x**

- `webdriver_manager==4.0.2`

- `selenium==4.24.0`

- `aiohttp==3.10.5`

- `beautifulsoup4==4.12.3`

- `colorama==0.4.6`

- `rich==12.6.0`

- `requests==2.28.1`

## Instructions

- **first**: Install tools according to the instructions above

- **second**: Select one of the columns you want to run

- **third**: Enter a custom path or single URL with the vulnerability that matches the column you selected

- **last**: Tools will automatically search for vulnerabilities 

## Input Information:

- **Input URL/File**: You can provide a single URL or an input file containing a list of URLs to scan.

- **Payload File**: Select or provide a custom payload file for the type of vulnerability you want to scan for.

- **Success Criteria:**:  Define the patterns or strings that indicate a successful exploitation attempt.

- **Concurrent Threads:**: Set the number of threads for multi-threaded scanning.

- **View and Save Results:**: Results will be displayed in real-time as the scan progresses.

After the scan completes, you will have the option to save the URLs found to be vulnerable to a file for future reference.

## Customization

Xninjaz allows for various levels of customization to fit your specific testing needs:

- **Custom Payloads:**: Create or modify payload files to suit specific vulnerability types or applications. Payloads should be tailored to the vulnerability being tested.

- **Success Criteria:**: Adjust the success criteria patterns in the tool to identify successful exploitation attempts more accurately. For example, you can modify the tool to check for specific error messages or unique responses.

- **Concurrent Threads:**:  Control the number of concurrent threads used during the scan to optimize performance based on system resources.

## Observation

This is a tool for education only, I am not responsible for any misuse

### Original Author



### <<< If you copy , Then Give me The Credits >>>

## CONNECT WITH ME :

[![Instagram](https://img.shields.io/badge/WEBSITE-VISIT-yellow?style=for-the-badge&logo=blogger)](https://whomrxhackers.blogspot.com/)

[![Instagram](https://img.shields.io/badge/TWITTER-FOLLOW-red?style=for-the-badge&logo=x)](https://twitter.com/whomrx666)

[![Instagram](https://img.shields.io/badge/YOUTUBE-SUBSCRIBE-red?style=for-the-badge&logo=youtube)](https://youtube.com/@whomrx666)

[![Instagram](https://img.shields.io/badge/FACEBOOK-LIKE-red?style=for-the-badge&logo=facebook)](https://facebook.com/https://www.facebook.com/whomrx.666)

[![Instagram](https://img.shields.io/badge/TELEGRAM-CONNECT-red?style=for-the-badge&logo=telegram)](https://t.me/@Whomr_X)

[![Instagram](https://img.shields.io/badge/GMAIL-CONTACT-red?style=for-the-badge&logo=gmail)](mailto:[email protected])

[![Instagram](https://img.shields.io/badge/TIKTOK-FOLLOW-red?style=for-the-badge&logo=tiktok)](https://www.tiktok.com/@whomr.x)

**If you want to donate, click on the button**



### Visitors :

![Visitor Count](https://profile-counter.glitch.me/Whomrx666/count.svg)