ExploiterX is a powerful and efficient vulnerability scanning tool designed for security professionals and developers. It automates the process of identifying potential vulnerabilities in web applications, focusing primarily on Cross-Site Scripting (XSS) attacks. This tool is user-friendly, adaptable, and can perform both authenticated and unauthenticated scans.
- User Input: Dynamic user input for target URLs and authentication credentials.
- Link Discovery: Automatically crawls the target website to discover all relevant links.
- Form Handling: Extracts and submits forms to test for vulnerabilities.
- XSS Testing: Performs automated tests for Cross-Site Scripting vulnerabilities in both URLs and forms.
- Error Handling: Robust error handling to ensure smooth operation, even in unexpected scenarios.
- Customizable Ignored Links: Option to specify URLs to ignore during scanning.
- Python 3.x
- Required Libraries:
- requests
- BeautifulSoup4
- lxml
You can install the required libraries using:
pip install requests beautifulsoup4 lxml- Clone the repository:
git clone https://github.com/anishalx/ExploiterX.git
cd ExploiterX- Install the required dependencies (as mentioned above).
Usage
To run the ExploiterX vulnerability scanner, use the following command in your terminal:
python exploiterX.pySteps to Scan
- Enter the target URL (e.g., http://example.com).
- Optionally, specify any URLs to ignore during the scan.
- Indicate whether the site requires a login and provide the necessary credentials if applicable.
- The tool will begin crawling the website and testing for XSS vulnerabilities.
Welcome to the Vulnerability Scanner Tool
Enter the target URL (e.g., http://example.com): http://testsite.com
Ignore links? (y/n): y
Enter URLs to ignore (comma-separated, optional): http://testsite.com/login
Does the site require login? (y/n): n
[*] Starting scan...
[+] Discovered: http://testsite.com/page1
[*] Scanning http://testsite.com/page1
[+] Testing form on http://testsite.com/page1
[***] XSS vulnerability discovered in form on http://testsite.com/page1Crawling the target
Crawling if target have login function
For a detailed list of options and usage instructions, simply run:
python netscanner.py -hNetScanner is compatible with:
- Windows: Use Command Prompt or PowerShell.
- macOS: Utilize Terminal for seamless execution.
- Linux: Run in any terminal emulator of your choice.
We welcome contributions from the community! If you have ideas for improvements or new features, please follow these steps:
- Fork the repository.
- Create a new branch (
git checkout -b feature/YourFeature). - Make your changes and commit them (
git commit -m 'Add some feature'). - Push your branch (
git push origin feature/YourFeature). - Open a pull request.
This project is licensed under the MIT License. See the LICENSE file for details.