Menu

ATSCAN – Server, Site and Dork Scanner

Comments Off on ATSCAN – Server, Site and Dork Scanner

Atscan is a Perl script for finding vulnerabilities in servers and sites, as well as a dork scanner.

The tool contains the following

● Search engine Google / Bing / Ask / Yandex / Sogou
● Mass Dork Search
● Multiple instant scans.
● Mass Exploitation
● Use proxy.
● Random user agent.
● Random engine.
● Extern commands execution.
● XSS / SQLI / LFI / AFD scanner.
● Filter wordpress and Joomla sites in the server.
● Find Admin page.
● Decode / Encode Base64 / MD5
● Ports scan.
● Extract IPs
● Extract E-mails.
● Auto detect errors.
● Auto detect Cms.
● Post data.
● Auto sequence repeater.
● Validation.
● Post and Get method
● And more…
★ Libraries to install:
Perl Required.
Works in all platforms. Disponible in Blackarch linux and Dracos systems.
Download:
● git clone https://github.com/AlisamTechnology/ATSCAN
● direct link: https://github.com/AlisamTechnology/ATSCAN
Permissions:
cd ATSCAN
chmod +x ./atscan.pl
Installation:
chmod +x ./install.sh
./install.sh
Execution:
Portable Execution: perl ./atscan.pl
Installed Tool Execution: atscan
Uninstall Tool:
atscan –uninstall

 

Screenshots: 

Help Commands

–tortor proxy [DEFAULT:socks://localhost:9050] Change if needed!
–dorkSearch engine
–mpset number of page results to scan
–xssXss scan
–lfilfi scan
-tTarget
-lList name
–expSet exploit
–validText for validate results
–sqlmapSqlmaping xss results
–sqlmaptorSqlmaping xss results using tor proxy
–lfilocal file inclusion
–joomrfiget joomla sites with rfi in the server
–shellshell link [Ex: http://www.site.com/shell.txt]
–wpadfget wordpress sites with arbitery file download in the server
–adminget site admin page
–shostget site subdomains
–portsscan server ports
–startstart scan port
–endend scan port
–tcptcp ports
–udpudp ports
–allcomplete mode
–basicbasic mode
–sitessites in the server
–wpwordpress sites in the server
–joomjoomla sites in the server
–uploadget sites with upload files in the server
–zipget sites with zip files in the server
–ststring
–md5convert to md5
–encode64encode base64 string
–decode64decode base64 string
–isupcheck http status 200
–httpdprint site httpd version
EXAMPLES:
Simple search: 

-s DORK –mp [number of page results to scan]
-s [DORK1,DORK2,DORK3..] –mp [number of page results to scan]
-s [DORK.txt] –mp [number of page results to scan from list]

Subscan from Serach Engine

Xss: –dork DORK –mp 1 –xss
Xss: –dork DORKS.TXT –mp 1 –xss
Lfi: –dork DORK –mp 1 –lfi
Search + Command: –dork DORK –mp VALUE –command ‘curl -v’ –TARGET

Validation

Xss: –dork DORK –mp 1 –xss –valid TEXT
Lfi: –dork DORK –mp 1 –lfi –valid TEXT
Xss: –dork DORK –mp 1 –xss –isup
Lfi: –dork DORK –mp 1 –xss –isup
Xss: –dork DORKS.TXT –mp 1 –xss –valid TEXT
Lfi: –dork DORKS.TXT –mp 1 –lfi –valid TEXT
Xss: –dork DORKS.TXT –mp 1 –xss –isup
Lfi: –dork DORKS.TXT –mp 1 –xss –isup

Use List / Target

Xss: -t TARGET –xss
Lfi: -l TARGET –lfi
Xss + Validation: -t TARGET –xss –valid TEXT
Lfi + Validation: -t TARGET –lfi –valid TEXT
Xss + Validation: -l list.txt –xss –isup
Lfi + Validation: -l list.txt –lfi –isup
Find admin page: -t TARGET –admin
Find subdomains: -t TARGET –shost

Server: 

Get Server sites: -t IP –mp [VALUE] –sites
Get Server sites: -t IP.txt –mp [VALUE] –sites
Get Server wordpress sites: -t IP –mp [VALUE] –wp
Get Server joomla sites: -t IP –mp [VALUE] –joom
Get Server upload sites: -t IP –mp [VALUE] –upload
Get Server zip sites files: -t IP –mp [VALUE] –zip
WP Arbitry File Download: -t IP –mp [VALUE] –wpadf
Joomla RFI: -t IP –mp <1> –joomfri –shell SHELL LINK
Scan basic tcp (quick): -t IP –ports –basic –tcp
Scan basic udp basic (quick): -t IP –ports –basic –udp
Scan basic udp+tcp: -t IP –ports –basic –udp –tcp
Scan complete tcp: -t IP –ports –all –tcp
Scan complete udp: -t IP –ports –all –udp
Scan complete tcp+udp: -t IP –ports –all –udp –tcp
Scan rang tcp: -t IP –ports –start –end –tcp
Scan rang udp: -t IP –ports –start –end –udp
Scan rang udp + tcp: -t IP –ports –start VALUE –end VALUE –udp –tcp

Encode / Decode: 

Generate MD5: -st STRING –md5
Encode base64: -st STRING –encode64
Decode base64: -st STRING –decode64

Related Articles

ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
Menu
Live Chat
RESOURCES
Menu
Get Started
TOOLBOX
Menu
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook Twitter Google-plus Wordpress
Do NOT follow this link or you will be banned from the site!