## https://sploitus.com/exploit?id=FC074519-C45B-5CD6-B5EE-4577D783261F
# Web Vulnerability Scanner
A Python-based web vulnerability scanner that automatically
tests websites for common security vulnerabilities.
## What it detects
### 1. SQL Injection
Tests input parameters with common SQL injection payloads
and detects database error messages in responses.
### 2. Cross-Site Scripting (XSS)
Injects JavaScript payloads and checks if they are
reflected back in the server response.
### 3. Missing Security Headers
Checks for the presence of critical HTTP security headers:
- X-Frame-Options
- X-XSS-Protection
- Content-Security-Policy
- Strict-Transport-Security
- X-Content-Type-Options
## How to use
```bash
pip install requests
python3 web_scanner.py
```
## Example output
Web Vulnerability Scanner
Target: http://target.com
[*] Testing for SQL Injection...
[!] SQL Injection vulnerability found!
Payload: '
[*] Testing for XSS...
[!] XSS vulnerability found!
[*] Checking security headers...
[!] Content-Security-Policy โ MISSING โ
[!] X-Frame-Options โ MISSING โ
## Skills demonstrated
- Python requests library
- SQL injection detection
- XSS detection
- HTTP security headers analysis
- Automated vulnerability testing
## Legal disclaimer
Only use this tool on websites you own or have
explicit permission to test. Unauthorized scanning
is illegal.