Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website or you can use this tool to Get Shells

Related tags

Security related resources python bot exploit scanner hacking sqli vulnerability pentesting pentest vulnerability-scanners exploiter cms-detector scanner-web hacking-tools auto-exploiter auto-exploit vulnnr
Overview

About

create a target list or select one target, scans then exploits, done!
Vulnnr is a Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website or you can use this tool to Get Shells

Offers

LFI Scanners > Coming soon
XSS Scanners > Working
SQLI injection scanners > Working
Domain Scanner > Using hackerone API/finds subdoamins
CMS detector > Working
Server detector > Working
Common vulnerable files Scanner > Working
Directory Spider/Scanner > Working
Dorker > Working/Uses Googles search engine/ auto exploits
Autodorker > Working takes a list full of dorks (Dont recommend using)
Vulnscan > Scans one target
Vulnauto > Scans a list of target's
WordPress version detectors
WordPress theme detectors
WordPress user detectors
Over 50 upload wordpress plugin exploits
Over 40 LFI wordpress plugins exploits
Over 20 upload joomla exploits
Over 30 LFI joomla exploits
Complexx cms detection
Alot more o just have no time to write it all down

git clone https://github.com/X-x-X-0/Vulnnr.git
pip3 install -r requirements.txt
python3 Vulnnr.py

Credits

Credits to Nano => Creator
Credits to VulnX Github Project, used CMS detector
Credits to hellsec => idk hes just cool boyo

Help

also version of python is 3.8 if u get any error for bs4, or googlesearch run these commands

pip install bs4
pip install html5lib
pip install lxml
pip install google

Reason

Well really there was one reason into making this
I wanted it to be a a vulnerability scanner with the latest a greatest
exploits, mass endpoint scanners & exploiters, why? U may ask is because scanners/exploiters like this are costly because skids like to make a extra buck
I wanted this to be a free tool like xattacker 3.0 anyone could use to pentest there site, this project i will never give up on and i will continue working on it,
everyday il try to push a update or update the src and then il push it to github at the end of the week, requiring u to update. thanks for using vullnr have a nice day!

You might also like...
command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

CVE-2021-36260 CVE-2021-36260 POC command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validatio

Aiminsun 165 Dec 21, 2022
Web Headers Security Scanner
Web Headers Security Scanner

Web Headers Security Scanner

Emre Koybasi 3 Dec 16, 2022
Moodle community-based vulnerability scanner
Moodle community-based vulnerability scanner

badmoodle Moodle community-based vulnerability scanner Description badmoodle is an unofficial community-based vulnerability scanner for moodle that sc

Michele Di Bonaventura 11 Dec 22, 2022
An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.
An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.

Log4JHunt An automated, reliable scanner for the Log4Shell CVE-2021-44228 vulnerability. Video demo: Usage Here the help usage: $ python3 log4jhunt.py

RedHunt Labs 39 Nov 21, 2022
Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3
Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3

Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3, It Fuzzes All URLs of target website & then scan them for EAR

Pushpender Singh 9 Dec 12, 2022
Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting. HubbleStack is a free and open source project made possible by Adobe. https://github.com/adobe

Welcome to HubbleStack!! You can find the docs here You can file an issue here Follow us on Twitter! Development Below are sample instructions to setu

HubbleStack 368 Jan 4, 2023
A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources to make Ubuntu 20.04 capable of both offensive and defensive security work.

infosec-fortress A python script to turn Ubuntu Desktop into a strong DFIR/RE System with some teeth (Purple Team Ops)! This is intended to create a s

James 41 Dec 30, 2022
Security-TXT is a python package for retrieving, parsing and manipulating security.txt files.

Security-TXT is a python package for retrieving, parsing and manipulating security.txt files.

Frank 3 Feb 7, 2022
Security audit Python project dependencies against security advisory databases.

Security audit Python project dependencies against security advisory databases.

null 52 Dec 17, 2022
Owner
Nano
i like to break things
Nano
GitHub
Windows Stack Based Auto Buffer Overflow Exploiter

Autoflow - Windows Stack Based Auto Buffer Overflow Exploiter Autoflow is a tool that exploits windows stack based buffer overflow automatically.

Himanshu Shukla 19 Dec 22, 2022
wsvuls - website vulnerability scanner detect issues [ outdated server software and insecure HTTP headers.]

WSVuls Website vulnerability scanner detect issues [ outdated server software and insecure HTTP headers.] What's WSVuls? WSVuls is a simple and powerf

Anouar Ben Saad 47 Sep 22, 2022
RedTeam-Security - In this repo you will get the information of Red Team Security related links

OSINT Passive Discovery Amass - https://github.com/OWASP/Amass (Attack Surface M

Abhinav Pathak 5 May 18, 2022
Docker is an open platform for developing, shipping, and running applications OS-level virtualization to deliver software in packages called containers However, 'security' is a top request on Docker's public roadmap This project aims at vulnerability check for such docker containers. New contributions are accepted

Docker-Vulnerability-Check Docker is an open platform for developing, shipping, and running applications OS-level virtualization to deliver software i

Team Spark 103 Aug 20, 2022
Generate obfuscated meterpreter shells

Generator Evade AV with obfuscated payloads Installation must install dotnet prior to running the script with net45 Running ./generator.py -ip <Your-I

Fawaz Al-Mutairi 219 Nov 28, 2022
SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.

The SCodeScanner stands for Source Code Scanner, where you can scan your source code files like PHP and get identify the vulnerabilities inside it. The tool can use by Pentester, Developer to quickly identify the weakness.

null 136 Dec 13, 2022
A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more

Duc Linh Nguyen 4 Aug 8, 2022
Js File Scanner This is Js File Scanner

Js File Scanner This is Js File Scanner . Which are scan in js file and find juicy information Toke,Password Etc.

null 122 Dec 12, 2022
Yuyu Scanner is a Web Reconnaissance & Web Analysis Scanner to find assets and information about targets.

Yuyu Scanner Yuyu Scanner is a Web Reconnaissance & Web Analysis Scanner to find assets and information about targets. installation ! run as root

Justakazh 20 Nov 24, 2022
USSR-Scanner - USSR Scanner with python

Purposes ? Hey there is abosolutely no need to do this we do it only to irritate

Binary.club 2 Jan 24, 2022