Website Security Scanner is a Python-based tool for scanning websites to identify potential security vulnerabilities, find common configuration files, and test for SQL injection vulnerabilities. This tool is intended for educational purposes and security testing with proper authorization.
- Scan a website for links and information.
- Check for the presence of common configuration files.
- Conduct a SQL injection test (please use responsibly and with proper authorization).
- Generate PDF reports summarizing the scan results.
- Python 3.x
- Dependencies can be installed using pip:
pip install requests beautifulsoup4 validators bleach fpdf
-
Clone the repository:
git clone https://github.com/eminemahjoub/malware-scanner.git
-
Navigate to the project directory:
cd malware-scanner -
Run the scanner:
python scanner.py
-
Follow the on-screen instructions to provide the website URL.
-
The tool will perform the following actions:
- Scan the website for links and display them.
- Check for common configuration files and report any findings.
- Conduct a SQL injection test (with proper authorization) and report the results.
-
Review the generated
scan.logfile for detailed logs of the scanning process. -
A PDF report summarizing the scan results will be generated with a name like
https_example_com_report.pdf.
The SQL injection test should only be performed with proper authorization and in a controlled, non-disruptive environment. Unauthorized testing is illegal and unethical.
You can customize the list of common configuration files in the check_for_config_files function to match your specific needs.
This project is open-source and available under the MIT License.
- Amine Mahjoub
- GitHub: Your GitHub Profile
- Special thanks to the open-source community for contributions and inspiration.