Loading...
Sunday, September 2, 2012

secscan-py - Web Apps Scanner and Much more utilities

SecScan is the Multithreading Web Vulnerability Scanner plus professional Utilities for penetrating testers.A compact Web Apps Vulnerable Scanner for amateur pentester.
Feature -

SQLi, XSS, LFI, RFI

Utilities -
Admin/login finder, sub-domain finder, online/offline MD5 cracker, Router checker, local IP lookup

Stable version will covers -

auto SQL injector (bind with SlowQL) Fuzzer, Port/OS Scanner, MD5/SHA1 bruteforcer, MD5/SHA1 crypter,

Known bugs -

Still crash during MD5 dictionary attack on large lengths of text. XSS sometime gives false positive.

How to run - 

To run: ./SecScan

bug issues report at: norske.drittsekk@gmail.com || digiopen55@gmail.com

Fix issues & upgrades:

- Crash during LFI & XSS scans
- More MD5 Dictionary cracking features & functions.
- Run more stable in SQL scan mode.
- Able to search more than 20 pages. (max is 90 to avoid cut off/CAPTCHA-request by search engine)
- more search engine choice. Default is still Ask Engine. (Bing & Yahoo are fine, not recommend Google API)
- More stealthy
- Random user-agent generator

Will add more in near-future:

- SQL injector (bind with my other project slowQL)
- MD5 bruteforcer (offline)
- SHA1 Dic/Brute cracker
- Hex viewer.
- Proxy finder
- Proxified mode
- Heuristic port & OS scanner (similar to N-map)

Download: SecScan ver 1.1 (beta)
http://secscan-py.googlecode.com/files/SecScan-v1.1b

Download other versions-
http://code.google.com/p/secscan-py/downloads/list

Screenshot -




0 comments:

Post a Comment

 
TOP