The Multi-Tool Web Vulnerability Scanner.

Overview

GitHub issues GitHub issues GitHub forks GitHub stars GitHub license

🟥 RapidScan v1.2 - The Multi-Tool Web Vulnerability Scanner

RapidScan has been ported to Python3 i.e. v1.2. The Python2.7 codebase is available on v1.1 releases section. Download and use it if you still haven't upgraded to Python 3. Kindly note that the v1.1 (Python2.7) will not be enhanced further.

Evolution:

It is quite a fuss for a pentester to perform binge-tool-scanning (running security scanning tools one after the other) sans automation. Unless you are a pro at automating stuff, it is a herculean task to perform binge-scan for each and every engagement. The ultimate goal of this program is to solve this problem through automation; viz. running multiple scanning tools to discover vulnerabilities, effectively judge false-positives, collectively correlate results and saves precious time; all these under one roof.

Enter RapidScan.

Features

  • one-step installation.
  • executes a multitude of security scanning tools, does other custom coded checks and prints the results spontaneously.
  • some of the tools include nmap, dnsrecon, wafw00f, uniscan, sslyze, fierce, lbd, theharvester, amass, nikto etc executes under one entity.
  • saves a lot of time, indeed a lot time!.
  • checks for same vulnerabilities with multiple tools to help you zero-in on false positives effectively.
  • extremely light-weight and not process intensive.
  • legends to help you understand which tests may take longer time, so you can Ctrl+C to skip if needed.
  • association with OWASP Top 10 & CWE 25 on the list of vulnerabilities discovered. (under development)
  • critical, high, medium, low and informational classification of vulnerabilities.
  • vulnerability definitions guides you what the vulnerability actually is and the threat it can pose.
  • remediation tells you how to plug/fix the found vulnerability.
  • executive summary gives you an overall context of the scan performed with critical, high, low and informational issues discovered.
  • artificial intelligence to deploy tools automatically depending upon the issues found. for eg; automates the launch of wpscan and plecost tools when a wordpress installation is found. (under development)
  • detailed comprehensive report in a portable document format (*.pdf) with complete details of the scans and tools used. (under development)
  • on the run metasploit auxilliary modules to discover more vulnerabilities. (under development)

FYI:

  • program is still under development, works and currently supports 80 vulnerability tests.
  • parallel processing is not yet implemented, may be coded as more tests gets introduced.

Vulnerability Checks

  • ✔️ DNS/HTTP Load Balancers & Web Application Firewalls.
  • ✔️ Checks for Joomla, WordPress and Drupal
  • ✔️ SSL related Vulnerabilities (HEARTBLEED, FREAK, POODLE, CCS Injection, LOGJAM, OCSP Stapling).
  • ✔️ Commonly Opened Ports.
  • ✔️ DNS Zone Transfers using multiple tools (Fierce, DNSWalk, DNSRecon, DNSEnum).
  • ✔️ Sub-Domains Brute Forcing (DNSMap, amass, nikto)
  • ✔️ Open Directory/File Brute Forcing.
  • ✔️ Shallow XSS, SQLi and BSQLi Banners.
  • ✔️ Slow-Loris DoS Attack, LFI (Local File Inclusion), RFI (Remote File Inclusion) & RCE (Remote Code Execution).
  • & more coming up...

Requirements

  • Python 3
  • Kali OS (Preferred, as it is shipped with almost all the tools)
  • Tested with Parrot & Ubuntu Operating Systems.

Usage

python3 rapidscan.py example.com

RapidScan.-.Start.scanning.a.website.in.20.seconds.mp4

Docker Support

To run a scan for example.com the command below has to be run. After completion reports can be found in the current path under reports.

docker run -t --rm -v $(pwd)/reports:/reports kanolato/rapidscan example.com

Contribution

Comments
  • Update Dockerfile for python 3

    Update Dockerfile for python 3

    Thanks for the python 3 update.

    The docker file should be updated and tested as well, I haven’t tested whether it currently works, but it looks like python3 is not installed, so I think the Dockerfile is currently broken.

    opened by tristanlatr 6
  • unique output file names

    unique output file names

    stomping over the same file with all sorts of results... well... not even worth a pull request... but I added a few lines to disambiguate them - the main bit is:

    date = subprocess.Popen(["date", "+%Y-%m-%d.%s"],stdout=subprocess.PIPE).stdout.read()[:-1].decode("utf-8") debuglog = "rs.dbg.%s.%s" % (target, date) vulreport = "rs.vul.%s.%s" % (target, date)

    That will create files that look like "rs.vul.google.com.2022-01-03.1641255361" or w/e.

    I'd also advocate creating a vulnerability file even if nothing was found; e.g. change this:

    if len(rs_vul_list)==0: print("\t"+bcolors.OKGREEN+"No Vulnerabilities Detected."+bcolors.ENDC)

    To be a report.write(*) with the same text or w/e (not blank, since it could die in mid run and you wouldn't know if it really was zero vuls or not.) First time I ran it I wasn't sure if there was a bug or what, since no result file was created.

    YMMV, IMHO, etc.

    opened by zenfish 4
  • Broken Dockerfile

    Broken Dockerfile

    Hi, it looks like the docker image cannot be build with the latest kali distributions :/

    I'm unsure which python dependencies have docutils as a requirements, tho.

    Some packages could not be installed. This may mean that you have
    requested an impossible situation or if you are using the unstable
    distribution that some required packages have not yet been created
    or been moved out of Incoming.
    The following information may help to resolve the situation:
    
    The following packages have unmet dependencies:
     python-docutils : Depends: docutils-common (= 0.12+dfsg-1) but 0.16+dfsg-4 is to be installed
                       Recommends: python-pil but it is not going to be installed
                       Recommends: python-pygments but it is not going to be installed
                       Recommends: libpaper-utils but it is not going to be installed
                       Recommends: docutils-doc (= 0.12+dfsg-1) but it is not going to be installed
     python-requests : Depends: python-chardet but it is not installable
    E: Unable to correct problems, you have held broken packages.
    The command '/bin/sh -c apt-get install -y   python2.7   wget   dmitry   dnsrecon   wapiti   nmap   sslyze   dnsenum   wafw00f   golismero   dirb   host   lbd   xsser   dnsmap   dnswalk   fierce   davtest   whatweb   nikto   uniscan   whois   theharvester' returned a non-zero code: 100
    
    opened by tristanlatr 4
  • scanning tool unavailable even if it available

    scanning tool unavailable even if it available

    Screenshot_2019-08-24-01-33-54-96

    I have nikto dimtry sslyze dnsrecon and golismer and other tool the script rapid scan still tell me that tool unavailable above script and on scan progress??

    opened by ringawy 4
  • Fixes #22

    Fixes #22

    Hi @sh4nx0r ,

    This PR adds some changes such that the code is using argparse to parse the arguments.

    And it fixes #22 with argument --skip.

    Edit: we should read 22 on the commit message not 12...

    opened by tristanlatr 3
  • Possibility to disable some tools

    Possibility to disable some tools

    Hi,

    I've been running into issues with DMitry, the scan takes more than 48h, which is not acceptable.

    I was wondering if there is an option to disable a specific tool using the rapidscan docker container ?

    Thanks

    opened by tristanlatr 3
  • fierce unrecognized arguments: -dns

    fierce unrecognized arguments: -dns

    I got unrecognized -dns arguments error.

    Fierce Subdomains Bruter - Brute Forces Subdomain Discovery.

    usage: fierce [-h] [--domain DOMAIN] [--connect] [--wide] [--traverse TRAVERSE] [--search SEARCH [SEARCH ...]] [--range RANGE] [--delay DELAY] [--subdomains SUBDOMAINS [SUBDOMAINS ...] | --subdomain-file SUBDOMAIN_FILE] [--dns-servers DNS_SERVERS [DNS_SERVERS ...] | --dns-file DNS_FILE] [--tcp] fierce: error: unrecognized arguments: -dns example.com

    opened by ghost 3
  • Upgrading to Python 3

    Upgrading to Python 3

    Hello!

    I really liked your tool, you surely have put a lot of effort into this tool, and I see that the development is still under progress. Don't you think that it will be a better idea to shift this tool to Python 3 as this is the future. Python 2 is deprecating with the passage of time. If you're willing to make the transition, I can work with you, we can together make the proper changings to shift from Python 2 to Python 3. Waiting for your thoughts on it. Thanks

    opened by njmulsqb 3
  • Update tool not recognizing

    Update tool not recognizing

    Good day, I wanted to do push for your code cause harvester is not working on latest Kali because of the name. So here you go the code, you can review it and make push. Its not big modification but theharvester is now theHarvester, if you go with theharvester it will tell you bash command not found.

    line 216 ["theHarvester","The Harvester - Scans for emails using Google's passive search.","theHarvester",1], line 301 ["theHarvester -l 50 -b google -d ",""], line 665 ["wapiti"], ["whatweb"], ["nmap"], ["golismero"], ["host"], ["wget"], ["uniscan"], ["wafw00f"], ["dirb"], ["davtest"], ["theHarvester"], ["xsser"], ["dnsrecon"],["fierce"], ["dnswalk"], ["whois"], ["sslyze"], ["lbd"], ["golismero"], ["dnsenum"],["dmitry"], ["davtest"], ["nikto"], ["dnsmap"] line

    bug 
    opened by Bitt3r 3
  • UnicodeDecodeError: 'utf-8' codec can't decode byte 0xdd in position 1541: invalid continuation byte

    UnicodeDecodeError: 'utf-8' codec can't decode byte 0xdd in position 1541: invalid continuation byte

    Traceback (most recent call last): File "/Users/ayhan/Downloads/rapidscan-master/rapidscan.py", line 1514, in rs_tool_output_file = open(temp_file).read() File "/usr/local/Cellar/[email protected]/3.9.10/Frameworks/Python.framework/Versions/3.9/lib/python3.9/codecs.py", line 322, in decode (result, consumed) = self._buffer_decode(data, self.errors, final) UnicodeDecodeError: 'utf-8' codec can't decode byte 0xdd in position 1541: invalid continuation byte

    opened by ayhanbaris 2
  • borked dockerfile

    borked dockerfile

    MacOS 10.15.7 (Catalina)

    TLDR; run an apt-get before anything else... you either need to ignore keys altogether or use some alternate method to get the Kali pubkey (curl, wget, etc. aren't in the baseimage.) Alternate workaround after errors building:

    Sending build context to Docker daemon 3.565MB Step 1/10 : FROM kalilinux/kali-rolling ---> c2fadbc65f8d Step 2/10 : ENV DEBIAN_FRONTEND noninteractive ---> Using cache ---> fd58a73e4d8b Step 3/10 : RUN apt-get update && apt-get -yu dist-upgrade -y ---> Running in 73b26ccf950e Get:1 http://mirrors.ocf.berkeley.edu/kali kali-rolling InRelease [30.6 kB] Err:1 http://mirrors.ocf.berkeley.edu/kali kali-rolling InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY ED444FF07D8D0BF6 Reading package lists... W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-bullseye-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-bullseye-security-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-bullseye-stable.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-buster-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-buster-security-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-buster-stable.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-stable.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/kali-archive-keyring.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: GPG error: http://mirrors.ocf.berkeley.edu/kali kali-rolling InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY ED444FF07D8D0BF6 E: The repository 'http://http.kali.org/kali kali-rolling InRelease' is not signed. The command '/bin/sh -c apt-get update && apt-get -yu dist-upgrade -y' returned a non-zero code: 100

    You can do the somewhat crazy :

    RUN apt -o Acquire::AllowInsecureRepositories=true -o Acquire::AllowDowngradeToInsecureRepositories=true update

    Or actually get the key somehow. If you do the above, three more changes were necessary to make the dockerfile work -

    1. add the "--allow-unauthenticated" to apt-get RUN line
    2. change python to python3 in the apt-get package listing.
    3. change the last line from: ENTRYPOINT ["/usr/local/bin/rapidscan.py"] -> ENTRYPOINT ["python3", "/usr/local/bin/rapidscan.py"]
    opened by zenfish 2
  • Nmap takes forever

    Nmap takes forever

    It seems that scans take quite long to complete or maybe there is some issue.

    I have run the scan and nmap was running for 2 hours before i killed it and Fierce subdomains bruter is the same story (haven't killed it yet).

    Is this normal? Shall I wait for more, or is there something wrong?

    opened by kleozzy 0
  • Have a --version flag

    Have a --version flag

    That would be nice to be able to check if we're running the latest version of rapidscan.

    I wouldn't trust the --update flag to update rapidsan, it's likely resulting in permission error.

    opened by tristanlatr 0
  • HTML reports missing

    HTML reports missing

    Hello,

    I've run rapidscan via docker and it seems like all report files are fine. The temp_uniscan_rfi file says:

    HTML report saved in: report/www.my-domain.com.html

    But there is no HTML document. Any ideas?

    opened by linslin 1
Releases(v1.1)
  • v1.1(Oct 23, 2021)

    The v1.1 is a fully-functional version of RapidScan suitable for domains or websites supporting Python 2.7. Python 3 is not supported.

    The upcoming version 1.2 will be supporting Python 3.

    This release is not optimized for scanning network devices like firewalls, routers, etc.

    The v2.0 will contain the Bug-Bounty module. The v3.0 which is still under development that supports scanning of both the websites and network devices.

    Source code(tar.gz)
    Source code(zip)
  • v1.0(Nov 7, 2018)

    The v1.0 is a fully-functional version of RapidScan suitable for domains or websites. This release is not optimized for scanning network devices like firewalls, routers, etc.

    The v2.0 which is still under development will be supporting both the websites and network devices.

    Source code(tar.gz)
    Source code(zip)
Owner
skavngr
My rants and ramblings on info-sec.
skavngr
D-810 is an IDA Pro plugin which can be used to deobfuscate code at decompilation time by modifying IDA Pro microcode.

Introduction fork from https://gitlab.com/eshard/d810 What is D-810 D-810 is an IDA Pro plugin which can be used to deobfuscate code at decompilation

Banny 30 Dec 06, 2022
Gitlab RCE - Remote Code Execution

Gitlab RCE - Remote Code Execution RCE for old gitlab version = 11.4.7 & 12.4.0-12.8.1 LFI for old gitlab versions 10.4 - 12.8.1 This is an exploit f

153 Nov 09, 2022
Scan your logs for CVE-2021-44228 related activity and report the attackers

jndiRep - CVE-2021-44228 Basically a bad grep on even worse drugs. search for malicious strings decode payloads print results to stdout or file report

js-on 2 Nov 24, 2022
This repo created for bypassing Widevine L3 DRM and obtaining keys.

First run: Copy headers (with cookies) of POST license request from browser to headers.py like dictionary. pip install -r requirements.txt # if doesn'

Mikhail 263 Jan 07, 2023
Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3

Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3, It Fuzzes All URLs of target website & then scan them for EAR

Pushpender Singh 9 Dec 12, 2022
A proxy for asyncio.AbstractEventLoop for testing purposes

aioloop-proxy A proxy for asyncio.AbstractEventLoop for testing purposes. When tests writing for asyncio based code, there are controversial requireme

aio-libs 12 Dec 12, 2022
SonicWall SMA-100 Unauth RCE Exploit (CVE-2021-20038)

Bad Blood Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versi

Jake Baines 80 Dec 29, 2022
BOF-Roaster is an automated buffer overflow exploit machine which is begin written with Python 3.

BOF-Roaster is an automated buffer overflow exploit machine which is begin written with Python 3. On first release it was able to successfully break many of the most well-known buffer overflow exampl

Kaan Caglan 5 Nov 23, 2021
Steal Files on a Windows Machine

File-Stealer Steal Files on a Windows Machine About This Script will steal certain Files on a Windows Machine and sends them to a FTP Server. Preview

Marcel 5 Nov 17, 2022
Credit Card And SK Checker Written In Python

💳 Credit Card Checker (CC Checker) & Mass SK Checker & Generator 💳

Rimuru Tempest 53 Dec 31, 2022
Update of uncaptcha2 from 2019

YouTube Video Proof of Concept I created a new YouTube Video with technical Explanation for breaking Google's Audio reCAPTCHAs: Click on the image bel

Nikolai Tschacher 153 Dec 20, 2022
Osint-Tool - Information collection tool in python

Osint-Tool Herramienta para la recolección de información Pronto más opciones In

3 Apr 09, 2022
Searches through git repositories for high entropy strings and secrets, digging deep into commit history

truffleHog Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accident

Truffle Security 10.1k Jan 09, 2023
ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)

ProxyLogon For Python3 ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF-GetWebShell) usage: python ProxyLogon.py --host=exchang

112 Dec 01, 2022
聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or CVE from Github by CVE ID.

PocOrExp in Github 聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网 注意:只通过通用的CVE号聚合,因此对于MS17-010等Windows编号漏洞以及著名的有绰号的漏洞,还是自己检索一下比较好 Usage python3 exp.py -h usage: ex

567 Dec 30, 2022
A toolkit for web reconnaissance, it's fast and easy to use.

A toolkit for web reconnaissance, it's fast and easy to use. File Structure httpsuite/ main.py init.py db/ db.py init.py subdomains_db directories_db

whoami security 22 Jul 22, 2022
Archive-Crack - A Tools for crack file archive

Install In TERMUX apt update && apt upgrade -y pkg install python git unrar

X - MrG3P5 10 Oct 06, 2022
IDA Python Script for anti ollvm

IDA Python Script for anti ollvm

Shocker 62 Dec 23, 2022
A Radare2 based Python module for Binary Analysis and Reverse Engineering.

Zepu1chr3 A Radare2 based Python module for Binary Analysis and Reverse Engineering. Installation You can simply run this command. pip3 install zepu1c

Mehmet Ali KERİMOĞLU 5 Aug 25, 2022