ExploiterX — Vulnerability Scanner Tool

Anish alx
3 min read · Nov 3, 2024


ExploiterX is a powerful and efficient vulnerability scanning tool designed for security professionals and developers. It automates the process of identifying potential vulnerabilities in web applications, focusing primarily on Cross-Site Scripting (XSS) attacks. This tool is user-friendly, adaptable, and can perform both authenticated and unauthenticated scans.

[Image: ExploiterX vulnerability scanner]

Features

  • User Input: Dynamic user input for target URLs and authentication credentials.
  • Link Discovery: Automatically crawls the target website to discover all relevant links.
  • Form Handling: Extracts and submits forms to test for vulnerabilities.
  • XSS Testing: Performs automated tests for Cross-Site Scripting vulnerabilities in both URLs and forms.
  • Error Handling: Robust error handling to ensure smooth operation, even in unexpected scenarios.
  • Customizable Ignored Links: Option to specify URLs to ignore during scanning.
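The Form Handling and XSS Testing features come down to two steps: pull the input fields out of each form, then check whether a submitted value comes back in the response without HTML escaping. The example below is added here for illustration and is not ExploiterX's own code; it uses only the Python standard library, and the sample page, the two render functions and the marker format are constructed assumptions that stand in for a real site so everything runs offline.

```python
import html
import uuid
from html.parser import HTMLParser


class FormParser(HTMLParser):
    """Collect each <form>'s action, method and named input fields."""

    def __init__(self):
        super().__init__()
        self.forms = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.forms.append({"action": a.get("action", ""),
                               "method": (a.get("method") or "get").lower(),
                               "inputs": []})
        elif tag in ("input", "textarea") and self.forms and a.get("name"):
            self.forms[-1]["inputs"].append(a["name"])


def extract_forms(page):
    parser = FormParser()
    parser.feed(page)
    return parser.forms


# Constructed stand-ins for a server-side handler (not a real site).
def render_vulnerable(fields):
    # Reflects user input straight into the page.
    return "<p>Results for %s</p>" % fields.get("q", "")


def render_hardened(fields):
    # Same handler with output encoding applied.
    return "<p>Results for %s</p>" % html.escape(fields.get("q", ""))


def reflects_unescaped(render, form):
    """True if an inert marker containing HTML metacharacters comes back verbatim."""
    marker = '<i data-probe="%s">' % uuid.uuid4().hex
    fields = {name: marker for name in form["inputs"]}
    return marker in render(fields)


# Constructed sample page with one search form.
SAMPLE_PAGE = '<form action="/search" method="POST"><input name="q"><input type="submit"></form>'

if __name__ == "__main__":
    form = extract_forms(SAMPLE_PAGE)[0]
    print("vulnerable handler flagged:", reflects_unescaped(render_vulnerable, form))
    print("hardened handler flagged:  ", reflects_unescaped(render_hardened, form))
```

The hardened handler is not flagged because `html.escape` turns `<`, `>` and `"` into entities, so the marker never reappears as markup; that output encoding is the fix a finding like this calls for.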

Requirements

  • Python 3.x

Required Libraries:

  • requests
  • BeautifulSoup4
  • lxml

You can install the required libraries using:

pip install requests beautifulsoup4 lxml

Installation

  1. Clone the repository:
     git clone https://github.com/anishalx/ExploiterX.git
     cd ExploiterX
  2. Install the required dependencies (as mentioned above).

Usage

To run the ExploiterX vulnerability scanner, use the following command in your terminal:

python exploiterX.py

Steps to Scan

  1. Enter the target URL (e.g., http://example.com).
  2. Optionally, specify any URLs to ignore during the scan.
  3. Indicate whether the site requires a login and provide the necessary credentials if applicable.
  4. The tool will begin crawling the website and testing for XSS vulnerabilities.

Example Output

Welcome to the Vulnerability Scanner Tool

Enter the target URL (e.g., http://example.com): http://testsite.com
Ignore links? (y/n): y
Enter URLs to ignore (comma-separated, optional): http://testsite.com/login
Does the site require login? (y/n): n
[*] Starting scan...
[+] Discovered: http://testsite.com/page1
[*] Scanning http://testsite.com/page1
[+] Testing form on http://testsite.com/page1
[***] XSS vulnerability discovered in form on http://testsite.com/page1

[Image: Crawling the target]

[Image: Crawling when the target has a login function]

[Image: Demo]

Need Help?

For a detailed list of options and usage instructions, simply run:

python netscanner.py -h

Operating Systems

NetScanner is compatible with:

  • Windows: Use Command Prompt or PowerShell.
  • macOS: Utilize Terminal for seamless execution.
  • Linux: Run in any terminal emulator of your choice.

Warning

This tool is intended for educational and ethical use only. The author is not responsible for any misuse or illegal activity involving this tool. Use responsibly and in compliance with all relevant laws and regulations.

Contact

For issues or suggestions, feel free to open a GitHub issue or contact me via email.
