SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.

Related tags

Security related resourcesscodescanner
Overview

SCodeScanner

The SCodeScanner stands for Source Code Scanner, where you can scan your source code files like PHP and get identify the vulnerabilities inside it. The tool can use by Pentester, Developer to quickly identify the weakness.

Learn more on http://scodescanner.info

Features

The main features for this tool are:-

  1. Scans the whole folder which contains multiple PHP files.
  2. Scans folder inside a folder, NOTE: This scans only one time, it will not scan folders inside folders inside folder
  3. It will not only notify you at which file but also which line the vulnerable code exists for quickly identified it.
  4. Scans not only the PRE-Defined PHP variables but also scans the custom variables. Like a $test1 = $_GET["aaa"], then it scans for both $test1 and the GET variables inside the source code
  5. Scans functions with a function that contains our variable. Like include(htmlentities($test)) so it will parse this and give the results like the $test variable found inside the include function. Because there might be possiblity of using base64 function instead of htmlentities.
  6. It runs on your localhost, where you will have to give the folder name for scans.
  7. Give results out for each file inside the anchors tag (So you can move on to it.)
  8. You can add more functions which are dangerous if you found missing any inside the vulnerablefunctions python file.

Test Vulnerable Folders

This tool uses vulnerable scripts from this repo:- https://github.com/snoopysecurity/Vulnerable-Code-Snippets

There are predifined folder named final, where it contains the PHP files/folder. Just for test. You can also use that folder to see how this tool will find the results in PHP.

On terminal: python scscanner.py final

Demo Video

Please go to:- http://scodescanner.info/2021/05/21/example-content/

How to run it?

Requirements

PHP, Python3

If you don't have any of these please download, then,

  1. Upload your folder which contains files inside upload directory, find it in root folder of this tool. This is important to run this tool (Working on this to make it more smoother).
  2. On terminal:- pip install -r requirements.txt
  3. On terminal:- php -S localhost:80
  4. Browse to localhost
  5. Type the foldername which contains the PHP files

OR run it on Terminal to see if any error pops up

python scscanner.py foldername

Note: Please try not to change the main file name 'scscanner.py', otherwise we will have to change the name in upload.php file.

Feedback

I would really like to hear your thoughts on this tool. And if you wanted to contribute in this tool please let me know on Twitter agrawalsmart7 or you can send me a Pull request.

Future Work

For now, I have focused only on PHP, but in future, I will make this scanner for other languages too. Focused languages are:- PHP, ASP, PYTHON JAVA. Let me know if anyone interested.

Also, I will update this tool regularly to make it more powerful.

You might also like...
CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain device credentials.

CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain device credentials.

EntySec 118 Dec 24, 2022
SSRF search vulnerabilities exploitation extended.
SSRF search vulnerabilities exploitation extended.

This tool search for SSRF using predefined settings in different parts of a request (path, host, headers, post and get parameters).

Andri Wahyudi 13 Jul 4, 2021
Small python script to look for common vulnerabilities on SMTP server.
Small python script to look for common vulnerabilities on SMTP server.

BrokenSMTP BrokenSMTP is a python3 BugBounty/Pentesting tool to look for common vulnerabilities on SMTP server. Supported Vulnerability : Spoofing - T

null 39 Dec 16, 2022
A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence of a file

A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence o

null 2 Nov 9, 2022
Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries

Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries. Using xrefs to commonly injected and format string'd files, it will scan binaries faster than Firmware Slap.

Christopher Roberts 3 Nov 16, 2021
A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities

Shodan Quick Recon A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities Configuration You must edit the python code, and in

Black Hat Ethical Hacking 5 Aug 9, 2022
WpDisect is a wordpress hacking tool that finds vulnerabilities in wordpress.

wpdisect WpDisect is a wordpress hacking tool that finds misconfigurations in wordpress. Prerequisites You need to download wordpress in the wpdisect

null 3 Feb 20, 2022
Something I built to test for Log4J vulnerabilities on customer networks.

Log4J-Scanner Something I built to test for Log4J vulnerabilities on customer networks. I'm not responsible if your computer blows up, catches fire or

null 1 Dec 20, 2021
Visibility and Mitigation for Log4J vulnerabilities

Visibility and Mitigation for Log4J vulnerabilities Several scripts for the visibility and mitigation of Log4J vulnerabilities. Static Scanner - Linux

SentinelLabs 15 May 21, 2022
Comments
  • ValueError: Invalid format string

    ValueError: Invalid format string 

    logger.info("Starting the scanner - " + str(time.strftime("%Y-%m-%d-%hh-%MM-%ss")) +'\n')

    ValueError: Invalid format string scscanner.py line:39 I changed it to logger.info("Starting the scanner - " + str(time.strftime("%Y-%m-%d")) +'\n') But I'm not sure if it's accurate,Because there is no error in the operation, but there is no result image

    opened by SkinAir 6
  • error - doesn't run

    error - doesn't run

    python scscanner.py -h

    Traceback (most recent call last): File "scscanner.py", line 3, in from helper import yaml_main, php_main File "/root/scodescanner/helper.py", line 2, in from typing import final ImportError: cannot import name 'final' from 'typing' (/root/.pyenv/versions/3.7.13/lib/python3.7/typing.py)

    opened by svchost9913 3
  • Module not found - No module named 'src.php'

    Module not found - No module named 'src.php'

    I am getting an error when running the command python3 scscanner.py --help

    Traceback (most recent call last):
  File "/home/corrupted/scodescanner/scscanner.py", line 3, in <module>
    from helper import yaml_main, php_main
  File "/home/corrupted/scodescanner/helper.py", line 4, in <module>
    from src.php.folder_parserer import folderparser, fileparser
ModuleNotFoundError: No module named 'src.php'

    image

    opened by banner-prog 1
  • error - doesn't run

    error - doesn't run

    Hi,

    this is what I get when running python3 scscanner.py

    
Traceback (most recent call last):
  File "scscanner.py", line 3, in <module>
    from helper import yaml_main, php_main
  File "/home/adrian/Downloads/tools/scodescanner/helper.py", line 10, in <module>
    from src.common.file_sender import jira_issue_creater, slack_issue_creator
ModuleNotFoundError: No module named 'src.common'
    opened by adrian-rt 4
Releases(v3.1.0)

  • v3.1.0(Jun 3, 2022)

    CHANGELOG-

    • Added yaml scanning capability
    • Better code
    • Reduces false positives
    • Improved command agrument list
    • Added new yaml rules file - rules.yaml inside rules/yaml directory.
    • ignore low hanging fruits with severity.
    • Yaml scanner have ability to give output in beautiful JSON file.
    Source code(tar.gz)
    Source code(zip)

  • v2.1.0(Apr 20, 2022)

    CHANGELOG:

    1. Improved Code by removing unnecessary code

    2. Improved Rules.

    3. Rules now contains the tracking of the variable, Example:

        $var1 = $_GET['a'];
  $var2 = $_GET['b'];

 echo htmlspecialchars($var1 ); This will Ignore
 echo $var1; This will match

 $encryptedvalue = htmlspecialchars($var2);
 echo $encryptedvalue; this will ignore

 echo $var2; this will match

    4. Added --check flag - Which is responsible for removing the false positives.

    5. Addded Jira intergraion - Now we can send the output file directly to Jira instance.

    6. Added Slack Integration - We can send file to slack channel

    Source code(tar.gz)
    Source code(zip)

  • v2.0.0(Mar 4, 2022)

Owner
GitHub Repository
Safe Policy Optimization with Local Features

Safe Policy Optimization with Local Feature (SPO-LF) This is the source-code for implementing the algorithms in the paper "Safe Policy Optimization wi

Akifumi Wachi 6 Jun 05, 2022
Recon is a script to perform a full recon on a target with the main tools to search for vulnerabilities.

👑 Recon 👑 The step of recognizing a target in both Bug Bounties and Pentest can be very time-consuming. Thinking about it, I decided to create my ow

Dirso 171 Dec 31, 2022
Generate MIPS reverse shell shellcodes easily !

MIPS-Reverse MIPS-Reverse is a tool that can generate shellcodes for the MIPS architecture that launches a reverse shell where you can specify the IP

29 Jul 27, 2021
✨ Powerfull & Universal Link Bypasser ✨

✨ Powerfull & Universal Link Bypasser ✨

Vodkarm06 4 Jun 03, 2022
A simple subdomain scanner in python

Subdomain-Scanner A simple subdomain scanner in python ✨ Features scans subdomains of a domain thats it! 💁‍♀️ How to use first download the scanner.p

Portgas D Ace 2 Jan 07, 2022
A Fast Broken Link Hijacker Tool written in Python

Broken Link Hijacker BrokenLinkHijacker(BLH) is a Fast Broken Link Hijacker Tool written in Python.

Mayank Pandey 70 Nov 30, 2022
CVE-2021-22205 Unauthorized RCE

CVE-2021-22205 影响版本: Gitlab CE/EE 13.10.3 Gitlab CE/EE 13.9.6 Gitlab CE/EE 13.8.8 Usage python3 CVE-2021-22205.py target "curl \`whoami\`.dnslog

r0eXpeR 70 Nov 09, 2022
Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.

springcore-0day-en These are all my notes from the alleged confirmed! 0day dropped on 2022-03-29. This vulnerability is commonly referred to as "Sprin

Chris Partridge 105 Nov 26, 2022
PyFUD - Fully Undetectable payload generator for metasploit

PyFUD fully Undetectable payload generator for metasploit Usage: pyfud.py --host

3 Mar 25, 2022
Make files with as many random bytes as you want

Lots o' Bytes 🔣 Make files with as many random bytes as you want! Use case Can be used to package malware that is normally small by making the downlo

Addi 1 Jan 13, 2022
A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

TProxer A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF. How • Install • Todo • Join Discord How it works

Krypt0mux 162 Nov 25, 2022
Exploit and Check Script for CVE 2022-1388

F5-CVE-2022-1388-Exploit Exploit and Check Script for CVE 2022-1388 Usage Check against single host python3 CVE-2022-1388.py -v true -u target_url At

Andy Gill 52 Dec 22, 2022
High level cheatsheet that was designed to make checks on the OSCP more manageable

High level cheatsheet that was designed to make checks on the OSCP more manageable. This repository however could also be used for your own studying or for evaluating test systems like on HackTheBox

Jacob Scheetz 89 Jan 01, 2023
AMC- Automatic Media Access Control [MAC] Address Spoofing Tool

AMC (Automatic Media Access Control [MAC] Address Spoofing tool), helps you to protect your real network hardware identity. Each entered time interval your hardware address was changed automatically.

Dipen Chavan 14 Dec 23, 2022
GRR Rapid Response: remote live forensics for incident response

GRR Rapid Response is an incident response framework focused on remote live forensics. Build Type Status Tests End-to-end Tests Windows Templates Linu

Google 4.3k Jan 05, 2023
Multi Brute Force Facebook - Crack Facebook With Login - Free For Now

✭ SAKERA CRACK Made With ❤️ By Denventa, Araya, Dapunta Author: - Denventa - Araya Dev - Dapunta Khurayra X ⇨ Fitur Login [✯] Login Cookies ⇨ Ins

Dapunta ID 26 Jan 01, 2023
Simple python script for generating custom high-secure passwords for securing your social-apps ❤️

Opensource Project Simple Python Password Generator This repository is just for peoples who want to generate strong-passwords for there social-account

K A R T H I K 15 Dec 01, 2022
xray多线程批量扫描工具

Auto_xray xray多线程批量扫描工具 简介 xray社区版貌似没有批量扫描,这就让安服仔使用起来很不方便,扫站得一个个手动添加,非常难受 Auto_xray目录下记得放xray,就跟平时一样的。 选项1:oneforall+xray 输入一个主域名,自动采集子域名然后添加到xray任务列表

1frame 13 Nov 09, 2022
Click-Jack - Automatic tool to find Clickjacking Vulnerability in various Web applications

CLICK-Jack It is a automatic tool to find Clickjacking Vulnerability in various

Prince Prafull 4 Jan 10, 2022
User-friendly reference finder in IDA

IDARefHunter Updated: This project's been introduced on IDA Plugin Contest 2021! Why do we need RefHunter? Getting reference information in one specif

Jiwon 29 Dec 04, 2022