A comprehensive, professional-grade security scanning framework for identifying and analyzing web vulnerabilities with enterprise-level accuracy and sophistication.
- Overview
- Architecture
- Features
- Scanners
- Installation
- Usage
- Configuration
- Report Generation
- Contributing
- License
This advanced security scanning framework provides enterprise-grade vulnerability detection capabilities across multiple attack vectors and web technologies. Built with modularity, extensibility, and accuracy in mind, it serves as a comprehensive testing platform for security researchers, penetration testers, and DevSecOps teams.
Key Highlights:
- ⚡ 16+ Specialized Scanners for different vulnerability types
- 🎯 Multi-threaded Architecture for high-performance scanning
- 🔍 Advanced Detection Algorithms with confidence scoring
- 📊 Distributed Scanning capability across multiple nodes
- 🛡️ Enterprise Security Standards compliance
- 🔐 Authentication & Authorization testing support
| Feature | Description |
|---|---|
| Multi-Vector Scanning | Simultaneous detection across multiple attack vectors |
| Intelligent Caching | Multiple cache strategies (LRU, LFU, FIFO, ARC) |
| Distributed Scanning | Scale across multiple nodes with load balancing |
| Authentication Support | Multiple auth methods (Basic, Bearer, JWT, OAuth2, API Key) |
| Advanced Filtering | WAF bypass techniques and filter evasion detection |
| Confidence Scoring | AI-driven confidence metrics for each vulnerability |
| False Positive Reduction | Smart analysis to minimize false positives |
| Comprehensive Logging | Detailed audit trails and statistics |
- ✅ OWASP Top 10 Coverage
- ✅ CWE/CVSS Alignment
- ✅ Enterprise Security Compliance
- ✅ Industry Best Practices
| Scanner | Vulnerabilities Detected | Severity |
|---|---|---|
| XSS Scanner | Reflected, Stored, DOM-based, SVG injection | Critical |
| SQL Scanner | Union-based, Error-based, Time-based, Boolean blind | Critical |
| Command Injection | OS commands, Shell execution, Method override | Critical |
| LDAP Scanner | Authentication bypass, DN enumeration, Attribute extraction | High |
| SSTI Scanner | Jinja2, Twig, FreeMarker, Velocity, and 6+ templates | Critical |
| Scanner | Vulnerabilities Detected | Severity |
|---|---|---|
| CSRF Scanner | Missing tokens, Weak tokens, Predictable tokens | High |
| SSRF Scanner | Internal IP access, Metadata service exposure | High |
| File Upload | Executable upload, Polyglot files, ZIP slip | Critical |
| XXE Scanner | Entity expansion, File inclusion, DoS attacks | Critical |
| Scanner | Vulnerabilities Detected | Severity |
|---|---|---|
| API Scanner | No auth, Data exposure, Rate limiting missing | High |
| GraphQL Scanner | Introspection enabled, Alias attacks, Depth bypass | High |
| WebSocket Scanner | Unencrypted connections, Missing auth | High |
| Subdomain Scanner | Enumeration, Wildcard detection, Takeover risks | Medium |
| OAuth/SAML Scanner | State bypass, Open redirect, Assertion replay | High |
| Scanner | Capabilities | Type |
|---|---|---|
| RCE Scanner | Command output detection, Reverse shells | Advanced |
| Distributed Scanner | Multi-node coordination, Load balancing | Enterprise |
| Payload Generator | Context-aware payloads, WAF bypass | Utility |
| Response Analyzer | Pattern matching, Content extraction | Utility |
Python 3.8+
pip install requests beautifulsoup4 dnspython
Clone repository git clone https://github.com/MoDarK-MK/MoD.git cd security-scanne
Install dependencies pip install -r requirements.txt
Verify installation python scanner.py --version
Love MOD? Give us a ⭐ on GitHub!