ScanT3r – Web Security and Bug Bounty Automation Tool

Scanter - Web Application Security Tool

Description

Scant3r is a module-based web security tool, our goal is to make customizable tool with providing many functions and features that what you need for write a security module for an example (cookie parser/http request class/opts parsing etc ..) to make write a security module easy and simple for saving your time also we made it customizable as possible for example you can change what you want for example options parser you can change/add more options by a config file and scanning map content_types help message logos etc.

How can I benefit from this project?

For bug bounty hunters:

You can use it with the main modules in the table below or write your own module

For developers :

You can read the source code and try to understand how to make a project like this, or you can get all functions of scant3r in your projects (based on) and try to add more features with scant3r team support.

Modules

this the modules we providing for our community for you need new module open an issue with Featured request template or write your own module.

ModuleShort description
lorsrfBruteforcing on Hidden parameters to find SSRF vulnerability
ssrfsimple ssrf scanner
cvecve checks module wtih python scripts and YAML template
firebasechecks for public firebase database (write/read) permission
pathschecking for custom paths
xssinject xss payload in parameter value
sqlisimple sqli scanner
rcesimple RCE scanner
xss_paraminject xss payload in parameter name
sstisimple server side template injection scanner
execrun multi tasks for automate your work/recon
injheadersinject blind xss and custom payloads in custom headers (headers.yaml&payload.yaml)
reflectfind reflected parameters
secretsfind interesting variables content (API Keys , Debug Mode , etc ..)

Installation

Unix & MS-DOS

$ git clone https://github.com/knassar702/scant3r
$ cd scant3r
$ pip3 install -r requirements.txt
$ ./scant3r.py -h

 

Live Action

Nokia https://www.nokia.com/responsible-disclosure/

ScanT3r - Web Security and Bug Bounty Automation Tool Live Bug Bounty Hacking

IBM https://hackerone.com/ibm

ScanT3r - Web Security Tool and Bug Bounty Automation Tool


You May Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *

twelve + eleven =