icon Book Free Consultation



Altair: A Modular Web Vulnerability Scanner

Altair is a Python based tool that does not require any specific packages to be installed as a pre-requisite. The SQLMAP and Lfier tools must be available on the disposal of the tool if the goal is to exploit the (LFI,SQL) vulnerabilities found during the scanning process.


Step 1: git clone https://github.com/evilsocket/altair

Step 2: cd altair

Step 3: ./altair -h


Lock image



# ./altair -u  (www.Targetsite.com)

Example:  ./altair -u testsite.com

-u for Url

Commands And Usages

-h, --help            show this help message and exit

  -t THREADS, --threads=THREADS
                        Max simultaneous threads.
                        Comma separated allowed extensions.
                        Custom user agent.
  -d, --enable-delay    Enable crawling delay.
  -s CRAWLDELAY, --crawl-delay=CRAWLDELAY
                        Crawling delay in ms.
                        Max directory depth.
  -p, --enable-proxy    Enable proxy support.
                        Proxy server address.
  -P PROXYPORT, --proxy-port=PROXYPORT
                        Proxy server port.
  -f KBFILTER, --filter=KBFILTER
                        Comma separated ids of vulnerabilities to test,
                        default to all, use the --list-ids flag to enumerate
                        available ids.
  -I, --list-ids        Print a list of available ids in the knowledge base to
                        be used with the --filter flag.
  -k KBFILE, --kb=KBFILE
                        Knowledge base file to use, default kb.xml.
  -L MODULES, --load-modules=MODULES
                        Comma separated modules names to load or 'all' to load
                        them all, use the --list-modules flag to a list of
                        available modules.
  -M, --list-modules    Print a list of available modules.
  -u URL, --url=URL     Url to test, mandatory.
  -O OUTFILE, --output=OUTFILE
                        Output status and result to file.
                        Import sensitive files list from this file.
                        Import sensitive directories list from this file.
  --single-mode         Single url mode, scan only this url for
                        vulnerabilities (the URL has to have at least one