Share
## https://sploitus.com/exploit?id=C4F1F349-558C-5425-BB18-BEBB846874C2
# RedTrace v3.0 โ€” Web Vulnerability Scanner

> Professional-grade web vulnerability scanner with async engine,
> CVE/NVD lookup, and WAF evasion. Built by **0xJBsec**.

## Features
- Async crawler (aiohttp + TCPConnector pool)
- SQL Injection: error-based, boolean-blind, time-based
- XSS: reflected detection with context awareness
- Command Injection: output-based + time-based
- Directory Traversal: Unix + Windows + encoded
- Open Redirect: 30+ parameter names tested
- Security Header audit + CSP quality check
- Directory fuzzing: 160+ path wordlist
- CVE lookup: NVD API v2 + CIRCL + ExploitDB
- WAF detection + 5-technique evasion engine
- JSON + human-readable reports

## Install
\`\`\`bash
git clone https://github.com/0xJBsec/RedTrace.git
cd RedTrace
pip3 install -r requirements.txt
chmod +x install.sh && ./install.sh
\`\`\`

## Usage
\`\`\`bash
redtrace http://target.com
redtrace http://target.com --cve-lookup
redtrace http://target.com --checks sqli xss --intensity high
redtrace http://target.com --cookie "session=abc123"
redtrace http://target.com -o report.json
\`\`\`

## Legal
For authorised security research, CTFs, and penetration testing only.