## https://sploitus.com/exploit?id=83B29156-2E5B-5DE8-A514-617EF308D8E8
# Web Vulnerability Scanner
Basic web application vulnerability scanner built in Python. Tests for common OWASP Top 10 issues; written as a learning project and for use in authorized lab environments.
Not a replacement for Burp Suite, but good for quickly scanning params on a target and understanding what's happening under the hood.
## Tools
### scanner.py
Tests a URL for:
- Reflected XSS (injects payloads, checks for reflection in response)
- SQL Injection (error-based detection via DB error signatures)
- Open Redirect (tests common redirect params)
- Path Traversal (checks for /etc/passwd access)
```bash
python scanner.py "http://testphp.vulnweb.com/search.php?test=1"
python scanner.py "http://target.com/page?id=1&name=test"
```
**Good free targets to test on (legally):**
- `http://testphp.vulnweb.com`: Acunetix intentionally vulnerable app
- `http://hackyourselffirst.troyhunt.com`: Troy Hunt's demo
- DVWA on your local machine
### csrf_poc.py
Generates a standalone HTML proof-of-concept page for CSRF vulnerabilities.
Useful when writing pentest reports: gives developers something concrete to reproduce the bug.
```bash
# GET-based CSRF
python csrf_poc.py "https://bank.com/transfer?to=attacker&amount=1000"
# POST-based CSRF
python csrf_poc.py https://site.com/change-email POST email=hacked@evil.com
```
## Requirements
```bash
pip install requests urllib3
```
## How it works
The scanner injects test payloads into each URL parameter and analyzes the response. For XSS it checks if the payload is reflected back. For SQLi it looks for database error strings. No magic: just HTTP requests and string matching.
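The loop described above, as an added example that is not the project's own scanner.py: it rewrites one GET parameter at a time, checks whether an XSS probe comes back unencoded (an escaped echo is not flagged, which trims the false positives noted under Limitations), and matches the body against a few database error signatures. The probe strings, the error list and `fake_fetch` (an offline stand-in for a real HTTP request) are constructed for this example.

```python
import re
from typing import Callable, Dict, List, Optional
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Probe values (assumed here). Only an unencoded echo of the whole XSS probe counts as reflection.
XSS_PROBE = 'zq9k"<>'
SQLI_PROBE = "'"

# Error-based SQLi: database error strings showing the quote reached a query unescaped.
DB_ERRORS = [re.compile(p, re.I) for p in (
    r"you have an error in your sql syntax",
    r"unclosed quotation mark after the character string",
    r"pg_query\(\): query failed",
    r"ora-\d{5}",
)]

def inject(url: str, name: str, payload: str) -> str:
    """Return url with GET parameter `name` set to payload; other parameters untouched."""
    parts = urlsplit(url)
    query = [(k, payload if k == name else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(query)))

def sql_error(body: str) -> Optional[str]:
    """Return the first matching database error text, or None."""
    return next((m.group(0) for sig in DB_ERRORS if (m := sig.search(body))), None)

def scan(url: str, fetch: Callable[[str], str]) -> Dict[str, List[str]]:
    """Probe every GET parameter in url; `fetch` maps a URL to its response body."""
    findings: Dict[str, List[str]] = {}
    for name, _ in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        hits = []
        if XSS_PROBE in fetch(inject(url, name, XSS_PROBE)):
            hits.append("reflected-xss")
        err = sql_error(fetch(inject(url, name, SQLI_PROBE)))
        if err:
            hits.append("sqli-error:" + err)
        if hits:
            findings[name] = hits
    return findings

# Constructed stand-in for an HTTP fetch so the example runs offline: `q` echoes its value
# unencoded, `id` passes a quote straight to a query, `page` HTML-escapes its value.
def fake_fetch(url: str) -> str:
    p = dict(parse_qsl(urlsplit(url).query, keep_blank_values=True))
    if XSS_PROBE in p.get("q", ""):
        return "<h1>Results for " + p["q"] + "</h1>"
    if "'" in p.get("id", ""):
        return "You have an error in your SQL syntax; check the manual"
    return "<p>" + p.get("page", "").replace("<", "&lt;").replace(">", "&gt;") + "</p>"
```

Swapping `fake_fetch` for a function that performs `requests.get(url).text` turns this into a live scan of the same shape; `scan` itself never touches the network.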
## Limitations
- Only tests GET parameters (POST form testing = TODO)
- No JavaScript rendering (won't catch DOM-based XSS)
- Error-based SQLi only; won't catch blind SQLi
- False positives are possible
For a real assessment you still need Burp Suite for manual testing. This just speeds up the initial scan.
## Disclaimer
Only run this on systems you have explicit permission to test. For lab/CTF/authorized assessments only.