This document provides comprehensive documentation for the bash-based Web Vulnerability Scanner.
The Web Vulnerability Scanner is an automated security tool designed to perform reconnaissance and vulnerability scanning on a target domain and its subdomains. It focuses on dynamic wordlist generation, comprehensive enumeration, and a multi-faceted approach to fuzzing and vulnerability detection.
crt.sh
.u.txt
) to find non-obvious paths and parameters.security_scan_report.txt
) and generates detailed Nmap output files.Before running the scanner, ensure the following tools are installed and available in your system's PATH:
curl
: For making HTTP requests.jq
: For parsing JSON output from crt.sh
.nmap
: For port scanning and vulnerability detection. (Requires root/sudo privileges for some scan types like sS
).dig
: For DNS lookups.python3
: Used for URL encoding and the HTML parser helper script.