SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.

Related tags

Security related resourcesscodescanner
Overview

SCodeScanner

The SCodeScanner stands for Source Code Scanner, where you can scan your source code files like PHP and get identify the vulnerabilities inside it. The tool can use by Pentester, Developer to quickly identify the weakness.

Learn more on http://scodescanner.info

Features

The main features for this tool are:-

  1. Scans the whole folder which contains multiple PHP files.
  2. Scans folder inside a folder, NOTE: This scans only one time, it will not scan folders inside folders inside folder
  3. It will not only notify you at which file but also which line the vulnerable code exists for quickly identified it.
  4. Scans not only the PRE-Defined PHP variables but also scans the custom variables. Like a $test1 = $_GET["aaa"], then it scans for both $test1 and the GET variables inside the source code
  5. Scans functions with a function that contains our variable. Like include(htmlentities($test)) so it will parse this and give the results like the $test variable found inside the include function. Because there might be possiblity of using base64 function instead of htmlentities.
  6. It runs on your localhost, where you will have to give the folder name for scans.
  7. Give results out for each file inside the anchors tag (So you can move on to it.)
  8. You can add more functions which are dangerous if you found missing any inside the vulnerablefunctions python file.

Test Vulnerable Folders

This tool uses vulnerable scripts from this repo:- https://github.com/snoopysecurity/Vulnerable-Code-Snippets

There are predifined folder named final, where it contains the PHP files/folder. Just for test. You can also use that folder to see how this tool will find the results in PHP.

On terminal: python scscanner.py final

Demo Video

Please go to:- http://scodescanner.info/2021/05/21/example-content/

How to run it?

Requirements

PHP, Python3

If you don't have any of these please download, then,

  1. Upload your folder which contains files inside upload directory, find it in root folder of this tool. This is important to run this tool (Working on this to make it more smoother).
  2. On terminal:- pip install -r requirements.txt
  3. On terminal:- php -S localhost:80
  4. Browse to localhost
  5. Type the foldername which contains the PHP files

OR run it on Terminal to see if any error pops up

python scscanner.py foldername

Note: Please try not to change the main file name 'scscanner.py', otherwise we will have to change the name in upload.php file.

Feedback

I would really like to hear your thoughts on this tool. And if you wanted to contribute in this tool please let me know on Twitter agrawalsmart7 or you can send me a Pull request.

Future Work

For now, I have focused only on PHP, but in future, I will make this scanner for other languages too. Focused languages are:- PHP, ASP, PYTHON JAVA. Let me know if anyone interested.

Also, I will update this tool regularly to make it more powerful.

You might also like...
CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain device credentials.

CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain device credentials.

EntySec 118 Dec 24, 2022
SSRF search vulnerabilities exploitation extended.
SSRF search vulnerabilities exploitation extended.

This tool search for SSRF using predefined settings in different parts of a request (path, host, headers, post and get parameters).

Andri Wahyudi 13 Jul 4, 2021
Small python script to look for common vulnerabilities on SMTP server.
Small python script to look for common vulnerabilities on SMTP server.

BrokenSMTP BrokenSMTP is a python3 BugBounty/Pentesting tool to look for common vulnerabilities on SMTP server. Supported Vulnerability : Spoofing - T

null 39 Dec 16, 2022
A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence of a file

A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence o

null 2 Nov 9, 2022
Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries

Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries. Using xrefs to commonly injected and format string'd files, it will scan binaries faster than Firmware Slap.

Christopher Roberts 3 Nov 16, 2021
A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities

Shodan Quick Recon A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities Configuration You must edit the python code, and in

Black Hat Ethical Hacking 5 Aug 9, 2022
WpDisect is a wordpress hacking tool that finds vulnerabilities in wordpress.

wpdisect WpDisect is a wordpress hacking tool that finds misconfigurations in wordpress. Prerequisites You need to download wordpress in the wpdisect

null 3 Feb 20, 2022
Something I built to test for Log4J vulnerabilities on customer networks.

Log4J-Scanner Something I built to test for Log4J vulnerabilities on customer networks. I'm not responsible if your computer blows up, catches fire or

null 1 Dec 20, 2021
Visibility and Mitigation for Log4J vulnerabilities

Visibility and Mitigation for Log4J vulnerabilities Several scripts for the visibility and mitigation of Log4J vulnerabilities. Static Scanner - Linux

SentinelLabs 15 May 21, 2022
Comments
  • ValueError: Invalid format string

    ValueError: Invalid format string 

    logger.info("Starting the scanner - " + str(time.strftime("%Y-%m-%d-%hh-%MM-%ss")) +'\n')

    ValueError: Invalid format string scscanner.py line:39 I changed it to logger.info("Starting the scanner - " + str(time.strftime("%Y-%m-%d")) +'\n') But I'm not sure if it's accurate,Because there is no error in the operation, but there is no result image

    opened by SkinAir 6
  • error - doesn't run

    error - doesn't run

    python scscanner.py -h

    Traceback (most recent call last): File "scscanner.py", line 3, in from helper import yaml_main, php_main File "/root/scodescanner/helper.py", line 2, in from typing import final ImportError: cannot import name 'final' from 'typing' (/root/.pyenv/versions/3.7.13/lib/python3.7/typing.py)

    opened by svchost9913 3
  • Module not found - No module named 'src.php'

    Module not found - No module named 'src.php'

    I am getting an error when running the command python3 scscanner.py --help

    Traceback (most recent call last):
  File "/home/corrupted/scodescanner/scscanner.py", line 3, in <module>
    from helper import yaml_main, php_main
  File "/home/corrupted/scodescanner/helper.py", line 4, in <module>
    from src.php.folder_parserer import folderparser, fileparser
ModuleNotFoundError: No module named 'src.php'

    image

    opened by banner-prog 1
  • error - doesn't run

    error - doesn't run

    Hi,

    this is what I get when running python3 scscanner.py

    
Traceback (most recent call last):
  File "scscanner.py", line 3, in <module>
    from helper import yaml_main, php_main
  File "/home/adrian/Downloads/tools/scodescanner/helper.py", line 10, in <module>
    from src.common.file_sender import jira_issue_creater, slack_issue_creator
ModuleNotFoundError: No module named 'src.common'
    opened by adrian-rt 4
Releases(v3.1.0)

  • v3.1.0(Jun 3, 2022)

    CHANGELOG-

    • Added yaml scanning capability
    • Better code
    • Reduces false positives
    • Improved command agrument list
    • Added new yaml rules file - rules.yaml inside rules/yaml directory.
    • ignore low hanging fruits with severity.
    • Yaml scanner have ability to give output in beautiful JSON file.
    Source code(tar.gz)
    Source code(zip)

  • v2.1.0(Apr 20, 2022)

    CHANGELOG:

    1. Improved Code by removing unnecessary code

    2. Improved Rules.

    3. Rules now contains the tracking of the variable, Example:

        $var1 = $_GET['a'];
  $var2 = $_GET['b'];

 echo htmlspecialchars($var1 ); This will Ignore
 echo $var1; This will match

 $encryptedvalue = htmlspecialchars($var2);
 echo $encryptedvalue; this will ignore

 echo $var2; this will match

    4. Added --check flag - Which is responsible for removing the false positives.

    5. Addded Jira intergraion - Now we can send the output file directly to Jira instance.

    6. Added Slack Integration - We can send file to slack channel

    Source code(tar.gz)
    Source code(zip)

  • v2.0.0(Mar 4, 2022)

Owner
GitHub Repository
Separation of Mainlobes and Sidelobes in the Ultrasound Image Based on the Spatial Covariance (MIST) and Aperture-Domain Spectrum of Received Signals

Separation of Mainlobes and Sidelobes in the Ultrasound Image Based on the Spatial Covariance (MIST) and Aperture-Domain Spectrum of Received Signals

Rehman Ali 3 Jan 03, 2023
This program is a WiFi cracker, you can test many passwords for a desired wifi to find the wifi password!

WiFi_Cracker About the Program: This program is a WiFi cracker! Just run code and select a desired wifi to start cracking 💣 Note: you can use this pa

Sina.f 13 Dec 08, 2022
Laravel RCE (CVE-2021-3129)

CVE-2021-3129 - Laravel RCE About The script has been made for exploiting the Laravel RCE (CVE-2021-3129) vulnerability. This script allows you to wri

Joshua van der Poll 21 Dec 27, 2022
MTBLLS Ethical Hacking Tool Announcement of v2.0

MTBLLS Ethical Hacking Tool Announcement of v2.0 MTBLLS is a Free and Open-Source Ethical Hacking Tool developed by GhostTD (SkyWtkh) The tool can onl

Ghost 2 Mar 19, 2022
An automated header extensive scanner for detecting log4j RCE CVE-2021-44228

log4j An automated header extensive scanner for detecting log4j RCE CVE-2021-44228 Usage $ python3 log4j.py -l urls.txt --dns-log REPLACE_THIS.dnslog.

2 Dec 16, 2021
Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)

使用方法&免责声明 该脚本为Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)。 使用方法:Python CVE-2020-17519.py urls.txt urls.txt 中每个url为一行,漏洞地址输出在vul.txt中 影响版本: Apache Flink 1

45 Sep 21, 2022
Python exploit for vsftpd 2.3.4 - Backdoor Command Execution

CVE-2011-2523 - vsftpd 2.3.4 Exploit Discription vsftpd, which stands for Very Secure FTP Daemon,is an FTP server for Unix-like systems, including Lin

Padsala Tushal 5 Nov 08, 2022
Yet another web fuzzer

yafuzz Yet another web fuzzer Usage This script can run in two modes of operation. Supplying a wordlist -W argument will initiate a multithreaded fuzz

FooBallZ 5 Feb 02, 2022
Exploiting CVE-2021-42278 and CVE-2021-42287

noPac Exploiting CVE-2021-42278 and CVE-2021-42287 原项目noPac在实现上可能有点问题,导致在本地没有打通,于是参考sam-the-admin项目进行修改。 使用 pip3 install -r requirements.txt # GetShel

W4ter 2 Jun 23, 2022
Whois-Python - Get Whois Domain with Python GUI

Whois-Python-GUI Get Whois Domain with Python - GUI :) WARNING Dont Copy ! - W

MR.D3F417 3 Feb 21, 2022
Rouge Spammers with a mission to disrupt the peace of the valley ? Fear not we will STOMP the Spammers

Rouge Spammers with a mission to disrupt the peace of the valley ? Fear not we will STOMP the Spammers New Update : adding 'on-review' tag on an issue

A N U S H 13 Sep 19, 2021
Web Headers Security Scanner

Web Headers Security Scanner

Emre Koybasi 3 Dec 16, 2022
将hw时信息收集以及简单的漏洞操作步骤简单化

Braised-vegetables 将hw时信息收集以及简单的漏洞扫描操作步骤简单化 使用subfinder(被动子域名爆破收集) subdomain(主动域名爆破) nabbu(端口扫描) httpx(探测目录浏览) crawlergo(360深度爬虫) chorme(谷歌浏览器) xray(漏

19 Nov 15, 2022
Spring4Shell - Spring Core RCE - CVE-2022-22965

Spring Core RCE - CVE-2022-22965 After Spring Cloud, on March 29, another heavyweight vulnerability of Spring broke out on the Internet: Spring Core R

Malte Gejr 118 Dec 31, 2022
Simples brute forcer de diretorios para web pentest.

🦑 dirbruter Simples brute forcer de diretorios para web pentest. ❕ Atenção Não ataque sites privados. Isto é illegal. 🖥️ Pré-requisitos Ultima versã

Dio brando 6 Jan 22, 2022
spring-cloud-gateway-rce CVE-2022-22947

Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947) 1.installation pip3 install -r requirements.txt 2.Usage $ python3 spring-cloud-gateway

k3rwin 10 Sep 28, 2022
ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)

ExProlog ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065) Usage: exprolog.py [OPTIONS] ExProlog -

Herwono W. Wijaya 130 Dec 15, 2022
Security audit Python project dependencies against security advisory databases.

Security audit Python project dependencies against security advisory databases.

52 Dec 17, 2022
Passphrase-wordlist - Shameless clone of passphrase wordlist

This repository is NOT official -- the original repository is located on GitLab

Jeff McJunkin 2 Feb 05, 2022
To explore creating an application that detects available connections at once from wifi and bluetooth

Signalum A Linux Package to detect and analyze existing connections from wifi and bluetooth. Also checkout the Desktop Application. Signalum Installat

BISOHNS 56 Mar 03, 2021