Tuesday, June 13, 2017



Arachni - Web Application Security Scanner Framework


Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.
It is smart, it trains itself by monitoring and learning from the web application's behavior during the scan process and is able to perform meta-analysis using a number of factors in order to correctly assess the trustworthiness of results and intelligently identify (or avoid) false-positives.
Unlike other scanners, it takes into account the dynamic nature of web applications, can detect changes caused while travelling through the paths of a web application’s cyclomatic complexity and is able to adjust itself accordingly. This way, attack/input vectors that would otherwise be undetectable by non-humans can be handled seamlessly.
Moreover, due to its integrated browser environment, it can also audit and inspect client-side code, as well as support highly complicated web applications which make heavy use of technologies such as JavaScript, HTML5, DOM manipulation and AJAX.
Finally, it is versatile enough to cover a great deal of use cases, ranging from a simple command line scanner utility, to a global high performance grid of scanners, to a Ruby library allowing for scripted audits, to a multi-user multi-scan web collaboration platform.
Note: Despite the fact that Arachni is mostly targeted towards web application security, it can easily be used for general purpose scraping, data-mining, etc. with the addition of custom components.

A stable, efficient, high-performance framework

Checkreport and plugin developers are allowed to easily and quickly create and deploy their components with the minimum amount of restrictions imposed upon them, while provided with the necessary infrastructure to accomplish their goals.
Furthermore, they are encouraged to take full advantage of the Ruby language under a unified framework that will increase their productivity without stifling them or complicating their tasks.
Moreover, that same framework can be utilized as any other Ruby library and lead to the development of brand new scanners or help you create highly customized scan/audit scenarios and/or scripted scans.

Simplicity 

Although some parts of the Framework are fairly complex you will never have to deal them directly. From a user’s or a component developer’s point of view everything appears simple and straight-forward all the while providing power, performance and flexibility.
From the simple command-line utility scanner to the intuitive and user-friendly Web interface and collaboration platform, Arachni follows the principle of least surprise and provides you with plenty of feedback and guidance.

In simple terms

Arachni is designed to automatically detect security issues in web applications. All it expects is the URL of the target website and after a while it will present you with its findings.

Features

General

  • Cookie-jar/cookie-string support.
  • Custom header support.
  • SSL support with fine-grained options.
  • User Agent spoofing.
  • Proxy support for SOCKS4, SOCKS4A, SOCKS5, HTTP/1.1 and HTTP/1.0.
  • Proxy authentication.
  • Site authentication (SSL-based, form-based, Cookie-Jar, Basic-Digest, NTLMv1, Kerberos and others).
  • Automatic log-out detection and re-login during the scan (when the initial login was performed via the autologinlogin_script or proxy plugins).
  • Custom 404 page detection.
  • UI abstraction:
    • Command-line Interface.
    • Web User Interface.
  • Pause/resume functionality.
  • Hibernation support -- Suspend to and restore from disk.
  • High performance asynchronous HTTP requests.
    • With adjustable concurrency.
    • With the ability to auto-detect server health and adjust its concurrency automatically.
  • Support for custom default input values, using pairs of patterns (to be matched against input names) and values to be used to fill in matching inputs.

Integrated browser environment

Arachni includes an integrated, real browser environment in order to provide sufficient coverage to modern web applications which make use of technologies such as HTML5, JavaScript, DOM manipulation, AJAX, etc.
In addition to the monitoring of the vanilla DOM and JavaScript environments, Arachni's browsers also hook into popular frameworks to make the logged data easier to digest:
  • JQuery
  • AngularJS
In essence, this turns Arachni into a DOM and JavaScript debugger, allowing it to monitor DOM events and JavaScript data and execution flows. As a result, not only can the system trigger and identify DOM-based issues, but it will accompany them with a great deal of information regarding the state of the page at the time.
Full Detail 
||||||https://github.com/Arachni/arachni

KALI LINUX: Download and Extract Arachni

extract :-----      tar -xvzf arachni-1.5.1-0.5.12-linux-x86_64.tar.gz




:~terminal :   ./arachni_web

:~terminal :  ./arachni_rpcd

This start's arachni web scanner & can access at: localhost:9292

User Name: admin@admin.admin
Password: administrator





ZAP (OWASP : ZAP)



OWASP : ZAP

 Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools . It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing.

These are the key functionalities of ZAP:


  • Intercepting Proxy
  • Automatic Scanner
  • Traditional but powerful spiders
  • Fuzzer
  • Web Socket Support
  • Plug-n-hack support
  • Authentication support
  • REST based API
  • Dynamic SSL certificates
  • Smartcard and Client Digital Certificates support
You can either use this tool as a scanner by inputting the URL to perform scanning, or you can use this tool as an intercepting proxy to manually perform tests on specific pages.


|||||Download ZAP :  https://github.com/zaproxy/zaproxy




WAPITI - Web Application Security Auditor



WAPITI - VERSION 2.3.0 Wapiti is a web application security auditor.
           


Requirements
============
In order to work correctly, Wapiti needs :
+ Python 2.x where x is >= 6 (2.6, 2.7...)
+ python-requests v1.2.3 or more ( http://docs.python-requests.org/en/latest/ )
+ BeautifulSoup ( http://www.crummy.com/software/BeautifulSoup/ )
+ python-xml


How it works
============

Wapiti works as a "black-box" vulnerability scanner,  that means it won't
study the source code of web applications but will work like a  fuzzer,
scanning the pages of the deployed web application, extracting links and
forms  and attacking  the scripts, sending payloads and looking for error
messages, special strings or abnormal behaviors.


General features
================

+ Generates vulnerability reports in various formats (HTML, XML, JSON, TXT...)
+ Can suspend and resume a scan or an attack
+ Can give you colors in the terminal to highlight vulnerabilities
+ Different levels of verbosity
+ Fast and easy way to activate/deactivate attack modules
+ Adding a payload can be as easy as adding a line to a text file


Browsing features
=================

+ Support HTTP and HTTPS proxies
+ Authentication via several methods : Basic, Digest, Kerberos or NTLM
+ Ability to restrain the scope of the scan (domain, folder, webpage)
+ Automatic removal of a parameter in URLs
+ Safeguards against scan endless-loops (max number of values for a parameter)
+ Possibility to set the first URLs to explore (even if not in scope)
+ Can exclude some URLs of the scan and attacks (eg: logout URL)
+ Import of cookies (get them with the wapiti-cookie and wapiti-getcookie tools)
+ Can activate / deactivate SSL certificates verification
+ Extract URLs from Flash SWF files
+ Try to extract URLs from javascript (very basic JS interpreter)
+ HTML5 aware (understand recent HTML tags)


Supported attacks
=================

+ Database Injection (PHP/ASP/JSP SQL Injections and XPath Injections)
+ Cross Site Scripting (XSS) reflected and permanent
+ File disclosure detection (local and remote include, require, fopen,
  readfile...)
+ Command Execution detection (eval(), system(), passtru()...)
+ XXE (Xml eXternal Entity) injection
+ CRLF Injection
+ Search for potentially dangerous files on the server (thanks to the Nikto db)
+ Bypass of weak htaccess configurations
+ Search for copies (backup) of scripts on the server

Wapiti supports both GET and POST HTTP methods for attacks.
It also supports multipart and can inject payloads in filenames (upload).
Display a warning when an anomaly is found (for example 500 errors and timeouts)
Makes the difference  beetween permanent  and reflected  XSS vulnerabilities.


How to get the best results
===========================

To find more vulnerabilities (as some attacks are error-based), you can modify
your webserver configurations.

For example, you can set the following values in your PHP configuration :
safe_mode = Off
display_errors = On (recommended)
magic_quotes_gpc = Off
allow_url_fopen = On
mysql.trace_mode = On


Where to get help
=================

In the prompt, just type the following command to get the basic usage :
python wapiti.py -h
You can also take a look at the manpage.

If you find a bug, fill a ticket on the bugtracker :
https://sourceforge.net/p/wapiti/bugs/

What is included with Wapiti
============================

Wapiti comes with :
+ a modified version of PyNarcissus (MPL 1.1 License),
  see https://code.google.com/p/pynarcissus/
+ Kube CSS framework ( see http://imperavi.com/kube/ ) and jQuery
  for HTML report generation.


Source code structure (wapitiCore directory)
=====================================
.
|-- attack  # attack modules used for the vulnerabilities Wapiti can detect
|   |-- __init__.py
|   |-- attack.py        # Base for all attack modules
|   |-- mod_backup.py    # This module search backup of scripts on the server
|   |-- mod_blindsql.py  # Time-based blind sql scanner
|   |-- mod_crlf.py      # Search for CR/LF injection in HTTP headers
|   |-- mod_exec.py      # Module used to detect command execution vulnerabilities
|   |-- mod_file.py      # Search for include()/fread() and other file handling vulns
|   |-- mod_htaccess.py  # Try to bypass weak htaccess configurations
|   |-- mod_nikto.py     # Use a Nikto database to search for potentially dangerous files
|   |-- mod_permanentxss.py  # Look for permanent XSS
|   |-- mod_sql.py       # Standard error-based SQL injection scanner
|   `-- mod_xss.py       # Module for XSS detection
|
|-- config
|   |-- attacks   # Here are the text files where you can add payloads
|   |   |-- backupPayloads.txt
|   |   |-- blindSQLPayloads.txt
|   |   |-- execPayloads.txt
|   |   |-- fileHandlingPayloads.txt
|   |   `-- xssPayloads.txt
|   |
|   |-- language   # Compiled language files (.mo)
|   |   |-- en
|   |   |   `-- LC_MESSAGES
|   |   |       `-- wapiti.mo
|   |   |-- es
|   |   |   `-- LC_MESSAGES
|   |   |       `-- wapiti.mo
|   |   |-- de
|   |   |   `-- LC_MESSAGES
|   |   |       `-- wapiti.mo
|   |   |-- fr
|   |   |   `-- LC_MESSAGES
|   |   |       `-- wapiti.mo
|   |   `-- ms
|   |       `-- LC_MESSAGES
|   |           `-- wapiti.mo
|   |
|   |-- reports
|   |   `-- generators.xml  # Database of report engines
|   |
|   `-- vulnerabilities  # Info about vulnerability types (references etc)
|       |-- anomalies.xml
|       `-- vulnerabilities.xml
|
|-- file  # XML parsers used by Wapiti
|   |-- __init__.py
|   |-- anomalyxmlparser.py
|   |-- auxtext.py
|   |-- reportgeneratorsxmlparser.py
|   `-- vulnerabilityxmlparser.py
|
|-- language  # Manage internationalization
|   |-- __init__.py
|   |-- vulnerability.py  # Common strings used by Wapiti
|   `-- language.py
|
|-- language_sources
|   |-- de.po
|   |-- en.po
|   |-- es.po
|   |-- file_list.txt
|   |-- fr.po
|   |-- generateSources.sh  # Script to generate .po files from source code
|   |-- generateTranslations.sh  # Script to compile .po files to .mo files
|   `-- ms.po
|
|-- net
|   |-- HTTP.py    # Wrapper around python-requests, contains HTTP,
|   |              # HTTPResource and HTTPResponse classes.
|   |-- __init__.py
|   |-- crawlerpersister.py  # Class used to store and load scan status
|   |-- jsoncookie.py  # Library to load and save cookies to JSON files
|   |-- jsparser
|   |   |-- __init__.py
|   |   |-- jsparser.py  # Modified version of the PyNarcissus parser
|   |   |
|   |-- lamejs.py  # Home-made and lame JS interpreter using PyNarcissus
|   |-- lswww.py   # HTML parsing is made here
|   `-- swf_parser.py  # Home-made Flash SWF parser, not an ABC interpreter
|
|-- report   # Report generators
|   |-- __init__.py
|   |-- htmlreportgenerator.py  # The HTML generator is based on the JSON one
|   |-- jsonreportgenerator.py
|   |-- openvasreportgenerator.py  # Needs some more work
|   |-- reportgenerator.py   # Abstract class
|   |-- reportgeneratorinfo.py
|   |-- txtreportgenerator.py
|   |-- vulneranetxmlreportgenerator.py
|   `-- xmlreportgenerator.py
|
`-- report_template  # Template used for HTML reports
    |-- css
    |   |-- kube.css
    |   |-- kube.min.css
    |   `-- master.css
    |-- index.html
    |-- js
    |   |-- jquery-1.9.1.min.js
    |   |-- kube.buttons.js
    |    `-- kube.tabs.js
    `-- logo_clear.png

Link :https://github.com/IFGHou/wapiti



WebPwn3r - Web Applications Security Scanner.


webpwn3r :- WebPwn3r - Web Applications Security Scanner.


How to use:
1- python scan.py
2- The tool will ask you if you want to scan URL or List of urls?
1- Enter number 1 to scan a URL

2- Enter number 2 to scan list of URL's
3- URL should be a full link with a parameters
same thing with the list of links.
 WebPwn3r got below Features:
1- Scan a URL or List of URL’s
2- Detect and Exploit Remote Code Injection Vulnerabilities.
3- ~ ~ ~ Remote Command Execution Vulnerabilities.
4- ~ ~ ~ SQL Injection Vulnerabilities.
5- ~ ~ ~ Typical XSS Vulnerabilities.
6- Detect WebKnight WAF.
7- Improved Payloads to bypass Security Filters/WAF’s.
8- Finger-Print the backend Technologies.
|||

Sunday, June 11, 2017

RED HAWK - All In One Tool For Information Gathering, SQL Vulnerability Scanning and Crawling



RED HAWK -  All In One Tool For Information Gathering, SQL Vulnerability Scanning and Crawling


Features Of The Tool:
  • Server detection
  • Cloudflare detector
  • robots scanner
  • CMS Detector
    • WordPress
    • Joomla
    • Drupal
    • Magento
  • Whois
  • GEO-IP Scan
  • NMAP Port Scan
  • DNS Lookup
  • SubNet Calculator
  • Subdomain Finder
  • Reverse IP Scanner
    • CMS detection For Sites On the same server.
  • Parameter Finder
    • Error based SQLi Detector
  • Crawler
    • Basic Crawler {69}
    • [ - ] Admin scanner
    • [ - ] Backups Finder
    • [ - ] Misc. Crawler
    • Advance Crawler{420}
    • [ - ] Admin scanner
    • [ - ] Backups Finder
    • [ - ] Misc. Crawler

Released Versions:
- Version 1.0.0 [11-06-2017]
Changelog:
  • Version 1.0.0
    • Initial Launch
Installation:
Run The Tool and Type fix This will Install All Required Modules.
Usage:
  • git clone https://github.com/Tuhinshubhra/RED_HAWK
  • cd RED_HAWK
  • php rhawk.php
  • Use the "help" command to see the command list or type in the domain name you want to scan (without Http:// OR Https://).
  • Select whether The Site Runs On HTTPS or not.
  • Leave The Rest To The Scanner


ATSCAN SCANNER


ATSCAN SCANNER

Advanced Search / Dork / Mass Exploitation Scanner 


Tool:
ATSCAN version 12.1
Codename:
Anon4t
AUTHOR:
Ali MEHDIOUI
YOUTUBE:
youtube.com/c/AlisamTechnology

 Description:
● Search engine Google / Bing / Ask / Yandex / Sogou
● Mass Dork Search
● Multiple instant scans.
● Mass Exploitation
● Use proxy.
● Random user agent.
● Random engine.
● Extern commands execution.
● XSS / SQLI / LFI / AFD scanner.
● Filter wordpress and Joomla sites in the server.
● Find Admin page.
● Decode / Encode Base64 / MD5
● Ports scan.
● Extract IPs
● Extract E-mails.
● Auto detect errors.
● Auto detect Cms.
● Post data.
● Auto sequence repeater.
● Validation.
● Post and Get method
● And more...

Libreries to install:
Perl Required.
Works in all platforms. Disponible in Blackarch linux and Dracos systems.

 Download:

 Permissions:
cd ATSCAN
chmod +x ./atscan.pl

 Installation:
chmod +x ./install.sh
./install.sh

 Execution:
Portable Execution: perl ./atscan.pl
Installed Tool Execution: atscan

 Uninstall Tool:
atscan --uninstall




 Commands:
--help / -h / -?
Help.
--proxy
Set tor proxy for scans [EX: --proxy "socks://localhost:9050"]
Set proxy [EX: --proxy "
http://12.45.44.2:8080"]
Set proxy list [EX: --proxy list.txt]
-m
Set engine motors default bing EX: -m [Bing: 1][Google: 2][Ask: 3][Yandex: 4][Sogou: 5][All: all]
--proxy-random
Random proxy [EX: --proxy-random list.txt] or --proxy-random "socks://localhost:9050"]
--m-random
Random of all disponibles engines
--b-random
Random all disponibles agents
--freq
Random time frequency (in seconds)
--time
set browser time out
--dork / -d
Dork to search [Ex: house [OTHER]cars [OTHER]hotel]
-t
Target
--level / -l
Scan level (+- Number of page results to scan)
-p
Set test parameter EX:id,cat,product_ID
--save / -s
Output.
--content
Print request content
--data
Post and Get forms. See examples
--post
Use post method
--get
Use get method
--header
Set headers
--host
Domain name [Ex: site.com]
--nobanner
Hide tool banner
--beep
Produce beep sound if positive scan found.
--ifend
Produce beep sound when scan process is finished.
--noinfo
Jump extra results info.
--noping
No host ping.
--limit
Limit max positive scan results.
--valid / -v
Validate by string
--status
Validate by http header status
--ifinurl
Get targets with exact string matching
--sregex
Get targets with exact regex matching
--unique
Get targets with exact dork matching
--replace
String to replace
--with
String to replace with
--full
--replace --full Will replace all url parametres from string to the end
--payload
Use your own payloads instead of tool ones
--exp
Exploit/Payload
--sql
Xss scan
--lfi
Local file inclusion
--joomrfi
Scan for joomla local file inclusion.
--shell
--wpafd
Scan wordpress sites for arbitery file download
--admin
Get site admin page
--shost
Get site subdomains
--tcp
TCP port
--udp
UDP port
--sites
Sites in the server
--wp
Wordpress sites in the server
--joom
Joomla sites in the server
--upload
Get sites with upload files in the server
--zip
Get sites with zip files in the server
--md5
Convert to md5
--encode64
Encode base64 string
--decode64
decode base64 string
--TARGET
Will be replaced by target in extern command
--HOST
Will be replaced by host in extern command
--HOSTIP
Will be replaced by host IP in extern command
--PORT
Will be replaced by open port in extern command
--ip
Crawl to get Ips
--regex
Crawl to get strings matching regex
--noquery
Remove string value from Query url [ex: site.com/index.php?id=string]
--command /-c
Extern Command to execute
--email
Get emails
rang(x-y)
EX: --exp "/index.php?id=rang(1-9)" --sql OR -t "site.com/index.php?id=rang(1-9)" --sql
site.com/index.php?id=1 -> 9.
repeat(txt-y)
EX: --exp "/index.php?id=repeat(../-9)wp-config.php" --sql OR -t "site.com/index.php?id=../wp-config.php"
In site.com/index.php?id=../wp-config.php then site.com/index.php?id=../../wp-config.php 9 times
[OTHER]
To separate values ex: dork1 [OTHER]DORK2 [OTHER]DORK3
[DATA/DATAFILE]
To separate data values ex: --data "name:username [DATA]email:xxxxxx [DATA]pass:xxxxx/[DATAFILE]pass:file.txt"
--update
Update tool
--tool
Tool info.
--config
User configuration.
--pass
Set a password for tool use.
--uninstall
Uninstall Tool.

 Examples:
● PROXY: 
Tor: --proxy [proxy] [Ex: --proxy socks://localhost:9050].
Proxy: Proxy: --proxy [proxy] Ex: 
http://12.32.1.5:8080
or --proxy list.txt Ex: --proxy my_proxies.txt 

● RANDOM: 
Random proxy --proxy-random [proxy list.txt]
Random browser --b-random
Random engine --m-random 

● SET HEADERS:
atscan --dork [dork / dorks.txt] --level [level] --header "Authorization:Basic YWRtaW46YWRtaW4 [OTHER]keep_alive:1"
atscan -t target --data "name:userfile[DATAFILE]value:file.txt --post --header "Authorization:Basic YWRtaW46YWRtaW4 [OTHER]keep_alive:1" 

● SEARCH ENGINE: 
Search: atscan --dork [dork> --level [level]
Search: atscan -d [dork> -l [level]
Set engine: atscan --dork [dork> --level [level] -m [Bing: 1][Google: 2][Ask: 3][Yandex: 4][Sogou: 5][All: all]
Set selective engines: atscan -d [dork> -l [level] -m 1,2,3..
Search with many dorks: atscan --dork [dork1 [OTHER]dork2 [OTHER]dork3> --level [level]
Search and rand: atscan -d [dork] -l [level] --exp "/index.php?id=rang(1-9)" --sql
Get Server sites: atscan -t [ip] --level [value] --sites
Get Server sites: atscan -t "[ip from]-[ip to]" --level [value] --sites
Get Server sites: atscan -t "ip1 [OTHER]ip2" --level [value] --sites
Get Server wordpress sites: atscan -t [ip] --level [value] --wp
Get Server joomla sites: atscan -t [ip] --level value] --joom
Get Server upload sites: atscan -t [ip] --level [value] --upload
Get Server zip sites files: atscan -t [ip] --level value] --zip
WP Arbitry File Download: atscan -t [ip] --level [[[value] --wpafd
Joomla RFI: atscan -t [ip] --level [10] --joomfri --shell [shell link]
Search + output: atscan --dork [dorks.txt] --level [level] --save
Search + get emails: atscan -d [dorks.txt] -l [level] --email
Search + get site emails: atscan --dork site:site.com --level [level] --email
Search + get ips: atscan --dork [dork] --level [level] --ip 

● REGULAR EXPRESSIONS: 
Regex use: atscan [--dork [dork> / -t [target]] --level [level] --regex [regex]
IP: ((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){ 3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))
E-mails: '((([A-Za-z0-9]+_+)|([A-Za-z0-9]+\-+)|([A-Za-z0-9]+\.+)|([A-Za-z0-9]+\++))*[A-Za-z0-9]+@((\w+\-+)|(\w+\.))*\w{1,63}\.[a-zA-Z]{2,6})' 

● REPEATER:
atscan -t site.com?index.php?id=rang(1-10) --sql
atscan -t [target] --exp "/index.php?id=rang(1-10)" --sql
atscan -t [target] --exp "/index.php?id=repeat(../-9)wp-config.php" 

● PORTS
atscan -t [ip] --port [port] [--udp / --tcp]
atscan -t (ip start)-(ip end) --port [port] [--udp / --tcp]
atscan -t [ip] --port (port start)-(port end) [--udp / --tcp] --command "your extern command" 

● ENCODE / DECODE:
Generate MD5: --md5 [string]
Encode base64: --encode64 [string]
Decode base64: --decode64 [string] 

● DATA:
Post data: atscan -t [target] --data "field1:value1 [DATA]field2:value2 [DATA]field3:value3" [--post / --get]
Wordlist: atscan -t [target] --data "name:userfile [DATAFILE]value:file.txt" [--post / --get]
atscan -t [target] --data "username:john [DATA]pass:1234" [--post / --get]
Post + Validation: --data "name:userfile [DATAFILE]value:file.txt" -v [string] / --status [code] [--post / --get] 

● EXTERNAL COMMANDES:
atscan --dork [dork / dorks.txt] --level [level] --command "curl -v --TARGET"
atscan --dork [dork / dorks.txt] --level [level] --command "curl -v --HOST"
atscan --dork [dork / dorks.txt] --level [level] --command "nmap -sV -p 21,22,80 --HOSTIP"
atscan -d "index of /lib/scripts/dl-skin.php" -l 20 -m 2 --command "php WP-dl-skin.php-exploit.php --TARGET" 

● MULTIPLE SCANS: 
atscan --dork [dork> --level [10] --sql --lfi --wp ..
atscan --dork [dork> --level [10] --replace [string] --with [string] --exp [payload] [--sql / --lfi / --wp /...]
atscan -t [ip] --level [10] [--sql / --lfi / --wp /...]
atscan -t [target] [--sql / --lfi / --wp /...] 

● USER PAYLOADS: 
atscan --dork [dork] --level [10] [--lfi | --sql ..] --payload [payload | payloads.txt] 

● SEARCH VALIDATION: 
atscan -d [dork / dorks.txt] -l [level] --status [code] / --valid [string]
atscan -d [dork / dorks.txt] -l [level] --ifinurl [string]
atscan -d [dork / dorks.txt] -l [level] --regex [regex] --valid [string]
atscan -d [dork / dorks.txt] -l [level] --unique 

● SCAN VALIDATION: 
atscan -t [target / targets.txt] [--status [code] / --valid [string]
atscan -d [dork / dorks.txt] -l [level] --exp [payload] --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --status [code] / --valid [string]
atscan -d [dork / dorks.txt] -l [level] [--admin / --sql ..] --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --full --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --exp [payload] --status [code] / --valid [string]
atscan --data "name:userfile[DATAFILE]value:file.txt" -v [string] / --status [code] [--post / --get]
atscan -d [dork / dorks.txt] -l [level] [--sql / --shost ..] --status [code] / --valid [string] 

● UPDATE TOOL:
atscan --update 

● UNINSTALL TOOL: 
atscan --uninstall