Altair: A Modular Web Vulnerability Scanner
Altair is a Python based tool that does not require any specific packages to be installed as a pre-requisite. The SQLMAP and Lfier tools must be available on the disposal of the tool if the goal is to exploit the (LFI,SQL) vulnerabilities found during the scanning process.
Installation:
Step 1: git clone https://github.com/evilsocket/altair
Step 2: cd altair
Step 3: ./altair -h
Demo
Usage
# ./altair -u (www.Targetsite.com)
Example: ./altair -u testsite.com
-u for Url
Commands And Usages
-h, --help show this help message and exit
-t THREADS, --threads=THREADS
Max simultaneous threads.
-e ALLOWEDEXTENSIONS, --ext=ALLOWEDEXTENSIONS
Comma separated allowed extensions.
-a USERAGENT, --ua=USERAGENT
Custom user agent.
-d, --enable-delay Enable crawling delay.
-s CRAWLDELAY, --crawl-delay=CRAWLDELAY
Crawling delay in ms.
-m MAXDIRECTORYDEPTH, --max-depth=MAXDIRECTORYDEPTH
Max directory depth.
-p, --enable-proxy Enable proxy support.
-S PROXYSERVER, --proxy-server=PROXYSERVER
Proxy server address.
-P PROXYPORT, --proxy-port=PROXYPORT
Proxy server port.
-f KBFILTER, --filter=KBFILTER
Comma separated ids of vulnerabilities to test,
default to all, use the --list-ids flag to enumerate
available ids.
-I, --list-ids Print a list of available ids in the knowledge base to
be used with the --filter flag.
-k KBFILE, --kb=KBFILE
Knowledge base file to use, default kb.xml.
-L MODULES, --load-modules=MODULES
Comma separated modules names to load or 'all' to load
them all, use the --list-modules flag to a list of
available modules.
-M, --list-modules Print a list of available modules.
-u URL, --url=URL Url to test, mandatory.
-O OUTFILE, --output=OUTFILE
Output status and result to file.
--import-files=IMPORTFILES
Import sensitive files list from this file.
--import-dirs=IMPORTDIRS
Import sensitive directories list from this file.
--single-mode Single url mode, scan only this url for
vulnerabilities (the URL has to have at least one
parameter).