Hey Folks, in this tutorial we will discuss an interesting information gathering tool called “ATSCAN”. The tool specializes in gathering information about a domain name and also provides many features such as vulnerability scanning, crawling, proxy, port scanning etc. You can understand a little about this tool through the given description.
You just have to execute the following commands and the tool will be installed automatically on your system.
git clone https://github.com/AlisamTechnology/ATSCAN.git
cd ATSCAN
bash install.sh
Simple 😛 !! Now the tool has been successfully configured on our system, and we can check all the features available in this tool by adding the “-h” argument to our command.
atscan -h
This tool is very easy to use because we just have to add our target URL after the “-t” argument.
Usage 🙂 !! atscan -t < target URL >
Nice 🙂 !! As you can see, it has dumped all the important details about the target such as the public IP, server, CMS details, plugins, and the versions of the plugins and CMS.
We can dump all the email addresses available on the web application using the following command.
Usage 🙂 !! atscan -t < target > --email
atscan -t http://testphp.vulnweb.com --email
The tool can also detect the following types of vulnerability in a web application. First, we will try to find a cross-site scripting (XSS) vulnerability in the web application by using the following command.
Usage 🙂 !! atscan -t < target > --xss
atscan -t "http://testphp.vulnweb.com/listproducts.php?cat=1" --xss
Hm 😛 !! It really works! As you can see, it also gives us a proof of concept.
Similarly, we can find an SQL injection vulnerability in the web application by adding the “--sql” argument to the command.
atscan -t "http://testphp.vulnweb.com/listproducts.php?cat=1" --sql
That’s all 😛 !! And this is not everything the tool can do, because it gives us several other features through which we can collect more information about the target.
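From the defender's side, scans like the --xss and --sql runs above show up in the web server log as a burst of unusual values in a single query parameter. The following is an added example, not code from the original post or from ATSCAN, that flags such requests in an access log; the log lines and match patterns are constructed for illustration and are not ATSCAN's actual payloads.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qsl

# Constructed access-log lines (combined log format); not real traffic and not
# ATSCAN's actual payloads, which the tutorial does not list.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /listproducts.php?cat=1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET /listproducts.php?cat=1%27 HTTP/1.1" 200 310 "-" "Mozilla/5.0"
203.0.113.9 - - [01/Jan/2024:10:00:06 +0000] "GET /listproducts.php?cat=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 410 "-" "Mozilla/5.0"
203.0.113.9 - - [01/Jan/2024:10:00:07 +0000] "GET /listproducts.php?cat=1+UNION+SELECT+1,2 HTTP/1.1" 200 330 "-" "Mozilla/5.0"
198.51.100.4 - - [01/Jan/2024:10:01:00 +0000] "GET /artists.php?artist=2 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

# Client IP and request target from a combined-format log line.
REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*"')

# Heuristic probe markers, applied to URL-decoded parameter values.
# A bare quote is noisy on free-text fields; it suits numeric ID parameters.
RULES = {
    "xss": re.compile(r"<\s*script|on\w+\s*=|javascript:", re.I),
    "sqli": re.compile(r"'|\bunion\b.+\bselect\b|\bor\b\s+\d+\s*=\s*\d+|--", re.I),
}

def find_probes(log_text):
    """Return (client_ip, path, parameter, rule) for each suspicious value."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, target = m.groups()
        url = urlsplit(target)
        # parse_qsl percent-decodes values, so encoded probes are matched too
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            for rule, pattern in RULES.items():
                if pattern.search(value):
                    hits.append((ip, url.path, name, rule))
    return hits

def noisy_clients(hits, threshold=2):
    """Clients with at least `threshold` flagged requests: likely a scanner."""
    counts = Counter(ip for ip, *_ in hits)
    return sorted(ip for ip, n in counts.items() if n >= threshold)

if __name__ == "__main__":
    for hit in find_probes(SAMPLE_LOG):
        print(*hit)
    print("scanner candidates:", noisy_clients(find_probes(SAMPLE_LOG)))
```
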