Why would you use Scant3r?
Scant3r Scans all URLs with multiple HTTP Methods and Tries to look for bugs with basic exploits as XSS - SQLI - RCE - CRLF -SSTI from Headers and URL Parameters
By chaining waybackurls or gau
with Scant3r you will have more time to look into functions and get Easy bugs on the way :)
Scant3r will give you more time to focus on functionalities We've provided some modules to help you
Module | Description |
---|---|
lorsrf | Bruteforcing on Hidden parameters to find SSRF vulnerability |
hostping | get live domains |
hostinj | Host Header injection |
paths | dirbrute forcing |
reflect | find reflected parameters |
headers | add your payloads in HTTP headers |
neon | scans admin panel from CVE-2019-20141 |
If you want to write your own module
$ git clone https://github.com/knassar702/scant3r
$ cd scant3r
$ pip3 install -r requirements.txt
$ cd scant3r
$ git pull