Spaghetti - Web Application Security Scanner v0.1.1


Spaghetti is a web application security scanner tool. It is designed to find various default and insecure files, configurations, and misconfigurations.
Spaghetti is built on python2.7 and can run on any platform which has a Python environment.
Features
Fingerprints:

  • Server
  • Web Frameworks (CakePHP,CherryPy,Django,...)
  • Web Application Firewall (Waf) (Cloudflare,AWS,Barracuda,...)
  • Content Management System (CMS) (Drupal,Joomla,Wordpress,Magento)
  • Operating System (Linux,Unix,Windows,...)
  • Language (PHP,Ruby,Python,ASP,...)


Discovery:
Scanning using options 1 :

  1. Apache
  2. Apache (mod_userdir)
  3. Apache (mod_status)
  4. Apache multiviews
  5. Apache xss
  6. Broken Auth./Session Management

Scanning using options 2 :

  1. Admin Panel
  2. Backdoors
  3. Backup Directory
  4. Backup File
  5. Common Directory
  6. Common File
  7. Log File
  8. Disclosure
  9. Emails
  10. IP
  11. Injection

Scanning using options 3 :

  1. HTML
  2. SQL
  3. LDAP
  4. XPath
  5. XSS
  6. RFI
  7. PHP Code
  8. Other

Scanning using options 4 :

  1. Allow Methods
  2. HTML Object
  3. Multiple Index
  4. Robots Paths
  5. Cookie Security
  6. Vulns

Scanning using options 5:

  1. ShellShock
  2. Struts-Shock

Installation
  •  git clone https://github.com/m4ll0k/Spaghetti.git
  •  cd Spaghetti 
  •  pip install -r requirements.txt
  •  python spaghetti.py --help
Tool Page at Github
https://github.com/m4ll0k/Spaghetti

Keywords:
website vulnerability scanner, web application security, website security check,website  scanner ,check website for malware, web application vulnerabilities, penetration testing tools, Kali linux, kali linux sql injection, vulnerability scanner,website security, web server vulnerabilities, vulnerability database

Spaghetti is a web application security scanner tool. It is designed to find various default and insecure files, configurations, and misconfigurations.

Post a Comment

[blogger]

Author Name

{picture#YOUR_PROFILE_PICTURE_URL} YOUR_PROFILE_DESCRIPTION {facebook#https://www.facebook.com/wTsXDev} {twitter#https://twitter.com/wTsDev} {google#https://plus.google.com/u/0/+AnonSalame} {pinterest#https://www.pinterest.com/Thexwts/} {youtube#https://www.youtube.com/channel/UCg2fUa8Yp-aWDCJYQTVHmBg}

Contact Form

Name

Email *

Message *

Powered by Blogger.