Vulnerability scanner

Spaghetti – Web Application Security Scanner v0.1.1

Written by Mubassir patel

Spaghetti – Web Application Security Scanner v0.1.1

python license

logo

Description

Spaghetti is a web application security scanner tool. It is designed to find various default and insecure files, configurations and misconfigurations. Spaghetti is built on python2.7 and can run on any platform which has a Python environment.

main

Installation

$ git clone https://github.com/m4ll0k/Spaghetti.git
$ cd Spaghetti 
$ pip install -r requirements.txt
$ python spaghetti.py --help

Features

  • Fingerprints
    • Server
    • Web Frameworks (CakePHP,CherryPy,Django,…)
    • Web Application Firewall (Waf) (Cloudflare,AWS,Barracuda,…)
    • Content Management System (CMS) (Drupal,Joomla,Wordpress,Magento)
    • Operating System (Linux,Unix,Windows,…)
    • Language (PHP,Ruby,Python,ASP,…)
Example: python spaghetti.py --url target.com --scan 0 --random-agent --verbose

fingerprints

  • Discovery:
    • Apache
      • Apache (mod_userdir)
      • Apache (mod_status)
      • Apache multiviews
      • Apache xss
    • Broken Auth./Session Management
      • Admin Panel
      • Backdoors
      • Backup Directory
      • Backup File
      • Common Directory
      • Common File
      • Log File
    • Disclosure
      • Emails
      • IP
    • Injection
      • HTML
      • SQL
      • LDAP
      • XPath
      • XSS
      • RFI
      • PHP Code
    • Other
      • Allow Methods
      • HTML Object
      • Multiple Index
      • Robots Paths
      • Cookie Security
    • Vulns
      • ShellShock
      • Struts-Shock
Example: python spaghetti.py --url target.com --scan 1 --random-agent --verbose

screen3

About the author

Mubassir patel

Mubassir is a founder and developer of this site. He is a computer science engineer. He has a very deep interest in ethical hacking, penetration testing, website development and including all technology topic.

Leave a Comment