This tool scans a website for security vulnerabilities such as SQL Injection, XSS, and missing HTTP security headers. It also detects technologies used on the site and checks for known vulnerabilities (CVEs).
- Navigate to the project directory:
    cd /path/to/project
- Install dependencies
  Run the following commands to install the required Python packages:
    pip install requests beautifulsoup4 python-whois colorama
    pip install pyfiglet
- Install Gobuster
  Gobuster is an external tool that needs to be installed separately.
  - Linux (e.g., Kali Linux)
      sudo apt install gobuster
  - Windows
    Download Gobuster from GitHub and add it to your system path.
  - Install via Go (Linux/Mac/Windows)
    If you have Go installed, you can install Gobuster with:
      go install github.com/OJ/gobuster/v3@latest
    Ensure that $GOPATH/bin is in your system PATH so you can run Gobuster globally.
- Set the correct wordlist path
  Open main.py and update the wordlist path:
    wordlist_path = "C:/path/to/wordlist.txt"
- Run the script
  - If your script is in a different directory, update the path in the .bat file:
      python "C:\path\to\your\script\Main.py"
    Replace C:\path\to\your\script\Main.py with the actual path to your script.
  - Start the tool with:
      python main.py
  - Enter the target website (including https://) to begin the scan.
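
A preflight check for the setup steps above, as an added example that is not part of this tool's own code: it confirms the Python packages are importable, that Gobuster is on PATH, and that the wordlist file exists and is not empty. The function names and the command-line argument are assumptions made for this example.

```python
import importlib.util
import os
import shutil
import sys

# pip package name -> module it installs (package names from the install step)
REQUIRED = {
    "requests": "requests",
    "beautifulsoup4": "bs4",
    "python-whois": "whois",
    "colorama": "colorama",
    "pyfiglet": "pyfiglet",
}


def missing_packages(required=REQUIRED):
    """Return the pip names whose module cannot be found (nothing is imported)."""
    return sorted(pip for pip, mod in required.items()
                  if importlib.util.find_spec(mod) is None)


def preflight(wordlist_path, search_path=None, required=REQUIRED):
    """Return a list of setup problems; an empty list means ready to run.

    search_path overrides PATH for the gobuster lookup (None = use PATH).
    """
    problems = []
    missing = missing_packages(required)
    if missing:
        problems.append("missing packages, run: pip install " + " ".join(missing))
    if shutil.which("gobuster", path=search_path) is None:
        # Gobuster scans are optional, but a `go install` binary is only
        # found when $GOPATH/bin is on PATH.
        problems.append("gobuster not found on PATH; Gobuster scans will not run")
    if not os.path.isfile(wordlist_path):
        problems.append("wordlist not found: " + wordlist_path)
    elif os.path.getsize(wordlist_path) == 0:
        problems.append("wordlist is empty: " + wordlist_path)
    return problems


if __name__ == "__main__":
    # Hypothetical usage: pass the same path you set as wordlist_path in main.py.
    wordlist = sys.argv[1] if len(sys.argv) > 1 else "wordlist.txt"
    issues = preflight(wordlist)
    for issue in issues:
        print("[!] " + issue)
    sys.exit(1 if issues else 0)
```
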
- Detects technologies (CMS, web server)
- Checks for SQL Injection and Cross-Site Scripting (XSS) vulnerabilities
- Analyzes HTTP security headers
- Fetches known vulnerabilities from the CVE database
- Runs Gobuster scans (if installed)
- Retrieves WHOIS contact information
⚠ Disclaimer: This tool is for educational and ethical security testing purposes only!