SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.

Related tags

Security related resourcesscodescanner
Overview

SCodeScanner

The SCodeScanner stands for Source Code Scanner, where you can scan your source code files like PHP and get identify the vulnerabilities inside it. The tool can use by Pentester, Developer to quickly identify the weakness.

Learn more on http://scodescanner.info

Features

The main features for this tool are:-

  1. Scans the whole folder which contains multiple PHP files.
  2. Scans folder inside a folder, NOTE: This scans only one time, it will not scan folders inside folders inside folder
  3. It will not only notify you at which file but also which line the vulnerable code exists for quickly identified it.
  4. Scans not only the PRE-Defined PHP variables but also scans the custom variables. Like a $test1 = $_GET["aaa"], then it scans for both $test1 and the GET variables inside the source code
  5. Scans functions with a function that contains our variable. Like include(htmlentities($test)) so it will parse this and give the results like the $test variable found inside the include function. Because there might be possiblity of using base64 function instead of htmlentities.
  6. It runs on your localhost, where you will have to give the folder name for scans.
  7. Give results out for each file inside the anchors tag (So you can move on to it.)
  8. You can add more functions which are dangerous if you found missing any inside the vulnerablefunctions python file.

Test Vulnerable Folders

This tool uses vulnerable scripts from this repo:- https://github.com/snoopysecurity/Vulnerable-Code-Snippets

There are predifined folder named final, where it contains the PHP files/folder. Just for test. You can also use that folder to see how this tool will find the results in PHP.

On terminal: python scscanner.py final

Demo Video

Please go to:- http://scodescanner.info/2021/05/21/example-content/

How to run it?

Requirements

PHP, Python3

If you don't have any of these please download, then,

  1. Upload your folder which contains files inside upload directory, find it in root folder of this tool. This is important to run this tool (Working on this to make it more smoother).
  2. On terminal:- pip install -r requirements.txt
  3. On terminal:- php -S localhost:80
  4. Browse to localhost
  5. Type the foldername which contains the PHP files

OR run it on Terminal to see if any error pops up

python scscanner.py foldername

Note: Please try not to change the main file name 'scscanner.py', otherwise we will have to change the name in upload.php file.

Feedback

I would really like to hear your thoughts on this tool. And if you wanted to contribute in this tool please let me know on Twitter agrawalsmart7 or you can send me a Pull request.

Future Work

For now, I have focused only on PHP, but in future, I will make this scanner for other languages too. Focused languages are:- PHP, ASP, PYTHON JAVA. Let me know if anyone interested.

Also, I will update this tool regularly to make it more powerful.

You might also like...
CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain device credentials.

CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain device credentials.

EntySec 118 Dec 24, 2022
SSRF search vulnerabilities exploitation extended.
SSRF search vulnerabilities exploitation extended.

This tool search for SSRF using predefined settings in different parts of a request (path, host, headers, post and get parameters).

Andri Wahyudi 13 Jul 4, 2021
Small python script to look for common vulnerabilities on SMTP server.
Small python script to look for common vulnerabilities on SMTP server.

BrokenSMTP BrokenSMTP is a python3 BugBounty/Pentesting tool to look for common vulnerabilities on SMTP server. Supported Vulnerability : Spoofing - T

null 39 Dec 16, 2022
A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence of a file

A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence o

null 2 Nov 9, 2022
Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries

Binary check tool to identify command injection and format string vulnerabilities in blackbox binaries. Using xrefs to commonly injected and format string'd files, it will scan binaries faster than Firmware Slap.

Christopher Roberts 3 Nov 16, 2021
A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities

Shodan Quick Recon A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities Configuration You must edit the python code, and in

Black Hat Ethical Hacking 5 Aug 9, 2022
WpDisect is a wordpress hacking tool that finds vulnerabilities in wordpress.

wpdisect WpDisect is a wordpress hacking tool that finds misconfigurations in wordpress. Prerequisites You need to download wordpress in the wpdisect

null 3 Feb 20, 2022
Something I built to test for Log4J vulnerabilities on customer networks.

Log4J-Scanner Something I built to test for Log4J vulnerabilities on customer networks. I'm not responsible if your computer blows up, catches fire or

null 1 Dec 20, 2021
Visibility and Mitigation for Log4J vulnerabilities

Visibility and Mitigation for Log4J vulnerabilities Several scripts for the visibility and mitigation of Log4J vulnerabilities. Static Scanner - Linux

SentinelLabs 15 May 21, 2022
Comments
  • ValueError: Invalid format string

    ValueError: Invalid format string 

    logger.info("Starting the scanner - " + str(time.strftime("%Y-%m-%d-%hh-%MM-%ss")) +'\n')

    ValueError: Invalid format string scscanner.py line:39 I changed it to logger.info("Starting the scanner - " + str(time.strftime("%Y-%m-%d")) +'\n') But I'm not sure if it's accurate,Because there is no error in the operation, but there is no result image

    opened by SkinAir 6
  • error - doesn't run

    error - doesn't run

    python scscanner.py -h

    Traceback (most recent call last): File "scscanner.py", line 3, in from helper import yaml_main, php_main File "/root/scodescanner/helper.py", line 2, in from typing import final ImportError: cannot import name 'final' from 'typing' (/root/.pyenv/versions/3.7.13/lib/python3.7/typing.py)

    opened by svchost9913 3
  • Module not found - No module named 'src.php'

    Module not found - No module named 'src.php'

    I am getting an error when running the command python3 scscanner.py --help

    Traceback (most recent call last):
  File "/home/corrupted/scodescanner/scscanner.py", line 3, in <module>
    from helper import yaml_main, php_main
  File "/home/corrupted/scodescanner/helper.py", line 4, in <module>
    from src.php.folder_parserer import folderparser, fileparser
ModuleNotFoundError: No module named 'src.php'

    image

    opened by banner-prog 1
  • error - doesn't run

    error - doesn't run

    Hi,

    this is what I get when running python3 scscanner.py

    
Traceback (most recent call last):
  File "scscanner.py", line 3, in <module>
    from helper import yaml_main, php_main
  File "/home/adrian/Downloads/tools/scodescanner/helper.py", line 10, in <module>
    from src.common.file_sender import jira_issue_creater, slack_issue_creator
ModuleNotFoundError: No module named 'src.common'
    opened by adrian-rt 4
Releases(v3.1.0)

  • v3.1.0(Jun 3, 2022)

    CHANGELOG-

    • Added yaml scanning capability
    • Better code
    • Reduces false positives
    • Improved command agrument list
    • Added new yaml rules file - rules.yaml inside rules/yaml directory.
    • ignore low hanging fruits with severity.
    • Yaml scanner have ability to give output in beautiful JSON file.
    Source code(tar.gz)
    Source code(zip)

  • v2.1.0(Apr 20, 2022)

    CHANGELOG:

    1. Improved Code by removing unnecessary code

    2. Improved Rules.

    3. Rules now contains the tracking of the variable, Example:

        $var1 = $_GET['a'];
  $var2 = $_GET['b'];

 echo htmlspecialchars($var1 ); This will Ignore
 echo $var1; This will match

 $encryptedvalue = htmlspecialchars($var2);
 echo $encryptedvalue; this will ignore

 echo $var2; this will match

    4. Added --check flag - Which is responsible for removing the false positives.

    5. Addded Jira intergraion - Now we can send the output file directly to Jira instance.

    6. Added Slack Integration - We can send file to slack channel

    Source code(tar.gz)
    Source code(zip)

  • v2.0.0(Mar 4, 2022)

Owner
GitHub Repository
A web-app helping to create strong passwords that are easy to remember.

This is a simple Web-App that demonstrates a method of creating strong passwords that are still easy to remember. It also provides time estimates how long it would take an attacker to crack a passwor

2 Jun 04, 2021
Brute-Force-Connected

Brute-Force-Connected Guess the password for Connected accounts the use : Create a new file and put usernames and passwords in it Example : joker:1234

4 Jun 05, 2022
Course: Information Security with Python

Curso: Segurança da Informação com Python Curso realizado atravès da Plataforma da Digital Innovation One Prof: Bruno Dias Conteúdo: Introdução aos co

Elizeu Barbosa Abreu 1 Nov 28, 2021
Privilege escalation with polkit - CVE-2021-3560

Polkit-exploit - CVE-2021-3560 Privilege escalation with polkit - CVE-2021-3560 Summary CVE-2021-3560 is an authentication bypass on polkit, which all

Ahmad Almorabea 95 Dec 27, 2022
Exploit-CVE-2021-21086

CVE-2021-21086 Exploit This exploit allows to execute a shellcode in the context of the rendering process of Adobe Acrobat Reader DC 2020.013.20074 an

Faraday 23 Nov 09, 2022
Quickstart resources for the WiFi Nugget, a cat themed WiFi Security platform for beginners.

Quickstart resources for the WiFi Nugget, a cat themed WiFi Security platform for beginners.

HakCat 62 Jan 08, 2023
Volunteer & Campaign Management System

Cleansweep Requirements A Linux (or Mac OS X) node with the following software installed. Ubuntu 14.04 is preferred. PostgreSQL 9.3 database server Py

Aam Aadmi Party 39 May 24, 2022
KeyKatcher is a keylogger that records keystrokes made on a computer and sends to the E-Mail.

What is a keylogger? A keylogger is a software application or piece of hardware that monitors and records keystrokes made on a computer keyboard. The

Himank_Jain 7 Sep 19, 2022
HatSploit native powerful payload generation and shellcode injection tool that provides support for common platforms and architectures.

HatVenom HatSploit native powerful payload generation and shellcode injection tool that provides support for common platforms and architectures. Featu

EntySec 100 Dec 23, 2022
Worm/Trojan/Ransomware/apt/Rootkit/Virus Database

Pestilence - The Malware Database [] Screenshot Pestilence is a project created to make the possibility of malware analysis open and available to the

*ERR0R* 47 Dec 21, 2022
Buff A simple BOF library I wrote under an hour to help me automate with BOF attack

What is Buff? A simple BOF library I wrote under an hour to help me automate with BOF attack. It comes with fuzzer and a generic method to generate ex

0x00 3 Nov 21, 2022
Simple script for looping a Denial Of Service (DoS) attack over one single mac address in range

Bluetooth Simple Denial Of Service (DoS) Legal Note This project is made only for educational purposes and for helping in Proofs of Concept. The autho

1 Jan 09, 2022
CVE-2022-22965 - CVE-2010-1622 redux

CVE-2022-22965 - vulnerable app and PoC Trial & error $ docker rm -f rce; docker build -t rce:latest . && docker run -d -p 8080:8080 --name rce rce:la

Duarte Duarte 20 Aug 25, 2022
Search Shodan for Minecraft server IPs to grief

GriefBuddy This script searches Shodan for Minecraft server IPs to grief. This will return all servers connected to the public internet which Shodan h

26 Dec 29, 2022
🐝 ℹ️ Honeybee extension for export to IES-VE gem file format

honeybee-ies Honeybee extension for export a HBJSON file to IES-VE GEM file format Installation pip install honeybee-ies QuickStart import pathlib fro

Ladybug Tools 4 Jul 12, 2022
Undetectable Keylogger that reports to Discord

FUD Keylogger That Reports To Discord This python script will capture all of the keystrokes within a given time frame and report them to a Discord Ser

Dimitris Kalopisis 36 Dec 20, 2022
BETA: Layla - recon tool for bug bounty

WELCOME TO LAYLA Layla is a python script that automatically performs recon on a

Matheus Faria 68 Jan 04, 2023
Cobalt Strike Beacon configuration extractor and parser.

Cobalt Strike Configuration Extractor and Parser Overview Pure Python library and set of scripts to extract and parse configurations (configs) from Co

Stroz Friedberg 102 Dec 18, 2022
DependConfusion-X Tool is written in Python3 that scans and monitors list of hosts for Dependency Confusion

DependConfusion-X Tool is written in Python3 which allows security researcher/bug bounty hunter to scan and monitor list of hosts for Dependency Confusion.

Ali Fathi Ali Sawehli 4 Dec 21, 2021
NS-LOOKUP - A python script for scanning website for getting ip address of a website

NS-LOOKUP A python script for scanning website for getting ip address of a websi

Spider Anongreyhat 5 Aug 02, 2022