The Multi-Tool Web Vulnerability Scanner.

Overview

GitHub issues GitHub issues GitHub forks GitHub stars GitHub license

🟥 RapidScan v1.2 - The Multi-Tool Web Vulnerability Scanner

RapidScan has been ported to Python3 i.e. v1.2. The Python2.7 codebase is available on v1.1 releases section. Download and use it if you still haven't upgraded to Python 3. Kindly note that the v1.1 (Python2.7) will not be enhanced further.

Evolution:

It is quite a fuss for a pentester to perform binge-tool-scanning (running security scanning tools one after the other) sans automation. Unless you are a pro at automating stuff, it is a herculean task to perform binge-scan for each and every engagement. The ultimate goal of this program is to solve this problem through automation; viz. running multiple scanning tools to discover vulnerabilities, effectively judge false-positives, collectively correlate results and saves precious time; all these under one roof.

Enter RapidScan.

Features

  • one-step installation.
  • executes a multitude of security scanning tools, does other custom coded checks and prints the results spontaneously.
  • some of the tools include nmap, dnsrecon, wafw00f, uniscan, sslyze, fierce, lbd, theharvester, amass, nikto etc executes under one entity.
  • saves a lot of time, indeed a lot time!.
  • checks for same vulnerabilities with multiple tools to help you zero-in on false positives effectively.
  • extremely light-weight and not process intensive.
  • legends to help you understand which tests may take longer time, so you can Ctrl+C to skip if needed.
  • association with OWASP Top 10 & CWE 25 on the list of vulnerabilities discovered. (under development)
  • critical, high, medium, low and informational classification of vulnerabilities.
  • vulnerability definitions guides you what the vulnerability actually is and the threat it can pose.
  • remediation tells you how to plug/fix the found vulnerability.
  • executive summary gives you an overall context of the scan performed with critical, high, low and informational issues discovered.
  • artificial intelligence to deploy tools automatically depending upon the issues found. for eg; automates the launch of wpscan and plecost tools when a wordpress installation is found. (under development)
  • detailed comprehensive report in a portable document format (*.pdf) with complete details of the scans and tools used. (under development)
  • on the run metasploit auxilliary modules to discover more vulnerabilities. (under development)

FYI:

  • program is still under development, works and currently supports 80 vulnerability tests.
  • parallel processing is not yet implemented, may be coded as more tests gets introduced.

Vulnerability Checks

  • ✔️ DNS/HTTP Load Balancers & Web Application Firewalls.
  • ✔️ Checks for Joomla, WordPress and Drupal
  • ✔️ SSL related Vulnerabilities (HEARTBLEED, FREAK, POODLE, CCS Injection, LOGJAM, OCSP Stapling).
  • ✔️ Commonly Opened Ports.
  • ✔️ DNS Zone Transfers using multiple tools (Fierce, DNSWalk, DNSRecon, DNSEnum).
  • ✔️ Sub-Domains Brute Forcing (DNSMap, amass, nikto)
  • ✔️ Open Directory/File Brute Forcing.
  • ✔️ Shallow XSS, SQLi and BSQLi Banners.
  • ✔️ Slow-Loris DoS Attack, LFI (Local File Inclusion), RFI (Remote File Inclusion) & RCE (Remote Code Execution).
  • & more coming up...

Requirements

  • Python 3
  • Kali OS (Preferred, as it is shipped with almost all the tools)
  • Tested with Parrot & Ubuntu Operating Systems.

Usage

python3 rapidscan.py example.com

RapidScan.-.Start.scanning.a.website.in.20.seconds.mp4

Docker Support

To run a scan for example.com the command below has to be run. After completion reports can be found in the current path under reports.

docker run -t --rm -v $(pwd)/reports:/reports kanolato/rapidscan example.com

Contribution

Comments
  • Update Dockerfile for python 3

    Update Dockerfile for python 3

    Thanks for the python 3 update.

    The docker file should be updated and tested as well, I haven’t tested whether it currently works, but it looks like python3 is not installed, so I think the Dockerfile is currently broken.

    opened by tristanlatr 6
  • unique output file names

    unique output file names

    stomping over the same file with all sorts of results... well... not even worth a pull request... but I added a few lines to disambiguate them - the main bit is:

    date = subprocess.Popen(["date", "+%Y-%m-%d.%s"],stdout=subprocess.PIPE).stdout.read()[:-1].decode("utf-8") debuglog = "rs.dbg.%s.%s" % (target, date) vulreport = "rs.vul.%s.%s" % (target, date)

    That will create files that look like "rs.vul.google.com.2022-01-03.1641255361" or w/e.

    I'd also advocate creating a vulnerability file even if nothing was found; e.g. change this:

    if len(rs_vul_list)==0: print("\t"+bcolors.OKGREEN+"No Vulnerabilities Detected."+bcolors.ENDC)

    To be a report.write(*) with the same text or w/e (not blank, since it could die in mid run and you wouldn't know if it really was zero vuls or not.) First time I ran it I wasn't sure if there was a bug or what, since no result file was created.

    YMMV, IMHO, etc.

    opened by zenfish 4
  • Broken Dockerfile

    Broken Dockerfile

    Hi, it looks like the docker image cannot be build with the latest kali distributions :/

    I'm unsure which python dependencies have docutils as a requirements, tho.

    Some packages could not be installed. This may mean that you have
    requested an impossible situation or if you are using the unstable
    distribution that some required packages have not yet been created
    or been moved out of Incoming.
    The following information may help to resolve the situation:
    
    The following packages have unmet dependencies:
     python-docutils : Depends: docutils-common (= 0.12+dfsg-1) but 0.16+dfsg-4 is to be installed
                       Recommends: python-pil but it is not going to be installed
                       Recommends: python-pygments but it is not going to be installed
                       Recommends: libpaper-utils but it is not going to be installed
                       Recommends: docutils-doc (= 0.12+dfsg-1) but it is not going to be installed
     python-requests : Depends: python-chardet but it is not installable
    E: Unable to correct problems, you have held broken packages.
    The command '/bin/sh -c apt-get install -y   python2.7   wget   dmitry   dnsrecon   wapiti   nmap   sslyze   dnsenum   wafw00f   golismero   dirb   host   lbd   xsser   dnsmap   dnswalk   fierce   davtest   whatweb   nikto   uniscan   whois   theharvester' returned a non-zero code: 100
    
    opened by tristanlatr 4
  • scanning tool unavailable even if it available

    scanning tool unavailable even if it available

    Screenshot_2019-08-24-01-33-54-96

    I have nikto dimtry sslyze dnsrecon and golismer and other tool the script rapid scan still tell me that tool unavailable above script and on scan progress??

    opened by ringawy 4
  • Fixes #22

    Fixes #22

    Hi @sh4nx0r ,

    This PR adds some changes such that the code is using argparse to parse the arguments.

    And it fixes #22 with argument --skip.

    Edit: we should read 22 on the commit message not 12...

    opened by tristanlatr 3
  • Possibility to disable some tools

    Possibility to disable some tools

    Hi,

    I've been running into issues with DMitry, the scan takes more than 48h, which is not acceptable.

    I was wondering if there is an option to disable a specific tool using the rapidscan docker container ?

    Thanks

    opened by tristanlatr 3
  • fierce unrecognized arguments: -dns

    fierce unrecognized arguments: -dns

    I got unrecognized -dns arguments error.

    Fierce Subdomains Bruter - Brute Forces Subdomain Discovery.

    usage: fierce [-h] [--domain DOMAIN] [--connect] [--wide] [--traverse TRAVERSE] [--search SEARCH [SEARCH ...]] [--range RANGE] [--delay DELAY] [--subdomains SUBDOMAINS [SUBDOMAINS ...] | --subdomain-file SUBDOMAIN_FILE] [--dns-servers DNS_SERVERS [DNS_SERVERS ...] | --dns-file DNS_FILE] [--tcp] fierce: error: unrecognized arguments: -dns example.com

    opened by ghost 3
  • Upgrading to Python 3

    Upgrading to Python 3

    Hello!

    I really liked your tool, you surely have put a lot of effort into this tool, and I see that the development is still under progress. Don't you think that it will be a better idea to shift this tool to Python 3 as this is the future. Python 2 is deprecating with the passage of time. If you're willing to make the transition, I can work with you, we can together make the proper changings to shift from Python 2 to Python 3. Waiting for your thoughts on it. Thanks

    opened by njmulsqb 3
  • Update tool not recognizing

    Update tool not recognizing

    Good day, I wanted to do push for your code cause harvester is not working on latest Kali because of the name. So here you go the code, you can review it and make push. Its not big modification but theharvester is now theHarvester, if you go with theharvester it will tell you bash command not found.

    line 216 ["theHarvester","The Harvester - Scans for emails using Google's passive search.","theHarvester",1], line 301 ["theHarvester -l 50 -b google -d ",""], line 665 ["wapiti"], ["whatweb"], ["nmap"], ["golismero"], ["host"], ["wget"], ["uniscan"], ["wafw00f"], ["dirb"], ["davtest"], ["theHarvester"], ["xsser"], ["dnsrecon"],["fierce"], ["dnswalk"], ["whois"], ["sslyze"], ["lbd"], ["golismero"], ["dnsenum"],["dmitry"], ["davtest"], ["nikto"], ["dnsmap"] line

    bug 
    opened by Bitt3r 3
  • UnicodeDecodeError: 'utf-8' codec can't decode byte 0xdd in position 1541: invalid continuation byte

    UnicodeDecodeError: 'utf-8' codec can't decode byte 0xdd in position 1541: invalid continuation byte

    Traceback (most recent call last): File "/Users/ayhan/Downloads/rapidscan-master/rapidscan.py", line 1514, in rs_tool_output_file = open(temp_file).read() File "/usr/local/Cellar/[email protected]/3.9.10/Frameworks/Python.framework/Versions/3.9/lib/python3.9/codecs.py", line 322, in decode (result, consumed) = self._buffer_decode(data, self.errors, final) UnicodeDecodeError: 'utf-8' codec can't decode byte 0xdd in position 1541: invalid continuation byte

    opened by ayhanbaris 2
  • borked dockerfile

    borked dockerfile

    MacOS 10.15.7 (Catalina)

    TLDR; run an apt-get before anything else... you either need to ignore keys altogether or use some alternate method to get the Kali pubkey (curl, wget, etc. aren't in the baseimage.) Alternate workaround after errors building:

    Sending build context to Docker daemon 3.565MB Step 1/10 : FROM kalilinux/kali-rolling ---> c2fadbc65f8d Step 2/10 : ENV DEBIAN_FRONTEND noninteractive ---> Using cache ---> fd58a73e4d8b Step 3/10 : RUN apt-get update && apt-get -yu dist-upgrade -y ---> Running in 73b26ccf950e Get:1 http://mirrors.ocf.berkeley.edu/kali kali-rolling InRelease [30.6 kB] Err:1 http://mirrors.ocf.berkeley.edu/kali kali-rolling InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY ED444FF07D8D0BF6 Reading package lists... W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-bullseye-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-bullseye-security-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-bullseye-stable.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-buster-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-buster-security-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-buster-stable.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-stable.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/kali-archive-keyring.gpg are ignored as the file is not readable by user '_apt' executing apt-key. W: GPG error: http://mirrors.ocf.berkeley.edu/kali kali-rolling InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY ED444FF07D8D0BF6 E: The repository 'http://http.kali.org/kali kali-rolling InRelease' is not signed. The command '/bin/sh -c apt-get update && apt-get -yu dist-upgrade -y' returned a non-zero code: 100

    You can do the somewhat crazy :

    RUN apt -o Acquire::AllowInsecureRepositories=true -o Acquire::AllowDowngradeToInsecureRepositories=true update

    Or actually get the key somehow. If you do the above, three more changes were necessary to make the dockerfile work -

    1. add the "--allow-unauthenticated" to apt-get RUN line
    2. change python to python3 in the apt-get package listing.
    3. change the last line from: ENTRYPOINT ["/usr/local/bin/rapidscan.py"] -> ENTRYPOINT ["python3", "/usr/local/bin/rapidscan.py"]
    opened by zenfish 2
  • Nmap takes forever

    Nmap takes forever

    It seems that scans take quite long to complete or maybe there is some issue.

    I have run the scan and nmap was running for 2 hours before i killed it and Fierce subdomains bruter is the same story (haven't killed it yet).

    Is this normal? Shall I wait for more, or is there something wrong?

    opened by kleozzy 0
  • Have a --version flag

    Have a --version flag

    That would be nice to be able to check if we're running the latest version of rapidscan.

    I wouldn't trust the --update flag to update rapidsan, it's likely resulting in permission error.

    opened by tristanlatr 0
  • HTML reports missing

    HTML reports missing

    Hello,

    I've run rapidscan via docker and it seems like all report files are fine. The temp_uniscan_rfi file says:

    HTML report saved in: report/www.my-domain.com.html

    But there is no HTML document. Any ideas?

    opened by linslin 1
Releases(v1.1)
  • v1.1(Oct 23, 2021)

    The v1.1 is a fully-functional version of RapidScan suitable for domains or websites supporting Python 2.7. Python 3 is not supported.

    The upcoming version 1.2 will be supporting Python 3.

    This release is not optimized for scanning network devices like firewalls, routers, etc.

    The v2.0 will contain the Bug-Bounty module. The v3.0 which is still under development that supports scanning of both the websites and network devices.

    Source code(tar.gz)
    Source code(zip)
  • v1.0(Nov 7, 2018)

    The v1.0 is a fully-functional version of RapidScan suitable for domains or websites. This release is not optimized for scanning network devices like firewalls, routers, etc.

    The v2.0 which is still under development will be supporting both the websites and network devices.

    Source code(tar.gz)
    Source code(zip)
Owner
skavngr
My rants and ramblings on info-sec.
skavngr
Something I built to test for Log4J vulnerabilities on customer networks.

Log4J-Scanner Something I built to test for Log4J vulnerabilities on customer networks. I'm not responsible if your computer blows up, catches fire or

1 Dec 20, 2021
IDA2Obj is a tool to implement SBI (Static Binary Instrumentation).

IDA2Obj IDA2Obj is a tool to implement SBI (Static Binary Instrumentation). The working flow is simple: Dump object files (COFF) directly from one exe

Mickey 94 Dec 13, 2022
MD5-CRACKER - A gmail brute force app created with python3

MD5-CRACKER So this is my first app i created with python3 . if you guys downloa

2 Nov 10, 2022
Convert a collection of features to a fixed-dimensional matrix using the hashing trick.

FeatureHasher Convert a collection of features to a fixed-dimensional matrix using the hashing trick. Note, this requires Jina=2.2.4. Example Here I

Jina AI 5 Mar 15, 2022
version de mi tool de kali linux para miertuxzzzz digo, termux >:)

Msf-Tool 1.0 Termux apt install git -y apt install python apt install python3 apt install python3-pip apt install metasploit ---- ---- git clone ht

BruhGera 1 Feb 20, 2022
Uma ferramenta de segurança da informação escrita em python3,capaz de dar acesso total ao computador de alguém!

shell-reverse Uma ferramenta de segurança da informação escrita em python3, capaz de dar acesso total ao computador de alguém! A cybersecurity tool wr

Marcus Vinícius Ribeiro Andrade 1 Nov 03, 2021
an impacket-dependent script exploiting CVE-2019-1040

dcpwn an impacket-dependent script exploiting CVE-2019-1040, with code partly borrowed from those security researchers that I'd like to say thanks to.

QAX A-Team 71 Nov 30, 2022
Automated tool to find & created Exploit Poc for Clickjacking Vulnerability

ClickJackPoc This tool will help you automate finding Clickjacking Vulnerability by just passing a file containing list of Targets . Once the Target i

Chirag Agrawal 24 Dec 19, 2022
This repository consists of the python scripts for execution and automation of vivid tasks.

Scripting.py is a repository being maintained to keep log of the python scripts that I create for automating and executing some of my boring manual task.

Prakriti Regmi 1 Feb 07, 2022
A simple automatic tool for finding vulnerable log4j hosts

Log4Scan A simple automatic tool for finding vulnerable log4j hosts Installation pip3 install -r requirements.txt Usage usage: log4scan.py [-h] (-f FI

Federico Rapetti 20018955 6 Mar 10, 2022
It's a simple tool for test vulnerability Apache Path Traversal

SimplesApachePathTraversal Simples Apache Path Traversal It's a simple tool for test vulnerability Apache Path Traversal https://blog.mrcl0wn.com/2021

Mr. Cl0wn - H4ck1ng C0d3r 56 Dec 27, 2022
🔐 A simple command-line password manager.

PassVault What Is It? It is a command-line password manager, for educational purposes, that stores localy, in AES encryption, your sensitives datas in

5 Aug 15, 2022
Python HDFS client

Python HDFS client Because the world needs yet another way to talk to HDFS from Python. Usage This library provides a Python client for WebHDFS. NameN

Jing Wang 82 Dec 28, 2022
Mert Güvençli 142 Jan 05, 2023
Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.

Python-based proof-of-concept tool for generating payloads that utilize unsafe Java object deserialization.

Astro 9 Sep 27, 2022
Rouge Spammers with a mission to disrupt the peace of the valley ? Fear not we will STOMP the Spammers

Rouge Spammers with a mission to disrupt the peace of the valley ? Fear not we will STOMP the Spammers New Update : adding 'on-review' tag on an issue

A N U S H 13 Sep 19, 2021
Gitlab RCE - Remote Code Execution

Gitlab RCE - Remote Code Execution RCE for old gitlab version = 11.4.7 & 12.4.0-12.8.1 LFI for old gitlab versions 10.4 - 12.8.1 This is an exploit f

153 Nov 09, 2022
JS Deobfuscation is a Python script that deobfuscate JS code and it's time saver for you.

JS Deobfuscation is a Python script that deobfuscate JS code and it's time saver for you. Although it may not work with high degrees of obfuscation, it's a pretty nice tool to help you even if it's j

Quatrecentquatre 3 May 01, 2022
Generates password lists/dictionaries based on keywords written in python3.

dicbyru Introduction Generates password lists/dictionaries based on keywords. It uses the keywords and adds capital letters, numbers and special chara

ru55o 2 Oct 31, 2022
Apache Solr SSRF(CVE-2021-27905)

Solr-SSRF Apache Solr SSRF #Use [-] Apache Solr SSRF漏洞 (CVE-2021-27905) [-] Options: -h or --help : 方法说明 -u or --url

Henry4E36 70 Nov 09, 2022