A Python-based tool for scanning websites for various types of vulnerabilities.
The Website Vulnerability Scanner is a Python script that uses libraries such as requests, BeautifulSoup, selenium, and sslyze to identify vulnerabilities on a given website. It checks for the following types of vulnerabilities:
- SQL Injection
- Cross-Site Scripting (XSS)
- Command Injection
- Local File Inclusion (LFI)
- HTTP Verb Tampering
- File Upload Vulnerabilities
- Session Fixation
- HTTP Parameter Pollution (HPP)
- Insecure Direct Object References (IDOR)
- Directory Traversal
- CORS Misconfiguration
- Misconfigured Security Headers
- SSL/TLS vulnerabilities
The script requires Python 3 and the following libraries:
- requests
- BeautifulSoup
- selenium
- sslyze
You can install these packages using pip:
pip install -r requirements.txt
The script also requires ChromeDriver to be installed on the system.
python3 website_vulnerability_scanner.py <URL> <USERNAME> <PASSWORD>
Where <URL> is the URL of the website to scan, and <USERNAME> and <PASSWORD> are the credentials for the website (if any).
This script is intended for educational purposes and to help improve the security of websites.
This project is licensed under the MIT License - see the LICENSE file for details.