sigurlscann3r
A web application attack surface mapping tool. It takes in a list of urls then performs numerous probes
Resources
Features
-
Categorize URLs
URLs' categories
- endpoint - js {js} - style {css} - data {json|xml|csv} - archive {zip|tar|tar.gz} - doc {pdf|xlsx|doc|docx|txt} - media {jpg|jpeg|png|ico|svg|gif|webp|mp3|mp4|woff|woff2|ttf|eot|tif|tiff}
-
Probe HTTP requests for
status_code
,content_type
, e.t.c -
For every URL of category
endpoint
with a query:- Probe for commonly vulnerable parameters (inspired by Somdev Sangwan's Parth).
- Probe for reflected parameters (inspired by Tom Hudson's kxss).
Installation
From Binary
You can download the pre-built binary for your platform from this repository's releases page, extract, then move it to your $PATH
and you're ready to go.
From Source
sigurlscann3r requires go1.14+ to install successfully. Run the following command to get the repo
GO111MODULE=on go get -v -u github.com/signedsecurity/sigurlscann3r/cmd/sigurlscann3r
From Github
git clone https://github.com/signedsecurity/sigurlscann3r.git && \
cd sigurlscann3r/cmd/sigurlscann3r/ && \
go build . && \
mv sigurlscann3r /usr/local/bin/ && \
sigurlscann3r -h
Usage
To display help message for sigurlscann3r use the -h
flag:
sigurlscann3r -h
_ _ _____
___(_) __ _ _ _ _ __| |___ ___ __ _ _ __ _ __ |___ / _ __
/ __| |/ _` | | | | '__| / __|/ __/ _` | '_ \| '_ \ |_ \| '__|
\__ \ | (_| | |_| | | | \__ \ (_| (_| | | | | | | |___) | |
|___/_|\__, |\__,_|_| |_|___/\___\__,_|_| |_|_| |_|____/|_| v1.0.0
|___/
USAGE:
sigurlscann3r [OPTIONS]
GENERAL OPTIONS:
-iL input urls list (use `-iL -` to read from stdin)
-threads number concurrent threads (default: 20)
-update-params update params file
HTTP OPTIONS:
-delay delay between requests (default: 100ms)
-follow-redirects follow redirects (default: false)
-follow-host-redirects follow internal redirects i.e, same host redirects (default: false)
-http-proxy HTTP Proxy URL
-timeout HTTP request timeout (default: 10s)
-UA HTTP user agent
OUTPUT OPTIONS:
-nC no color mode
-oJ JSON output file (default: ./sigurlscann3r.json)
-v verbose mode
Contribution
Issues and Pull Requests are welcome!