Spaghetti – An Open Source Web Application Security Scanner


Spaghetti is an open source web application scanner designed to find various default and insecure files, configurations and misconfigurations. It is built on Python 2.7 and can run on any platform that has a Python environment.

Some of its features include:

  • Fingerprinting: (Server and Web Frameworks (CakePHP, CherryPy, …))
  • Discovery: (Bruteforce, Admin Interface, Common Backdoors)
  • Disclosure: (Emails, Private IPs)
  • Attacks: (HTML Injection, SQL Injection)
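The Disclosure feature above reports e-mail addresses and private IPs that a site exposes. As an added example (not part of Spaghetti or the original article), the following Python 3 code runs the same kind of check over a response already captured from your own application; the function name, patterns and sample response are constructed for illustration.

```python
import ipaddress
import re

# Candidate patterns only; every IPv4 candidate is validated with ipaddress below.
IPV4_RE = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")

# RFC 1918 private ranges.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def find_disclosures(headers, body):
    """Return private IPv4 and e-mail addresses found in response headers and body."""
    text = "\n".join(f"{k}: {v}" for k, v in headers.items()) + "\n" + body
    private_ips = set()
    for candidate in IPV4_RE.findall(text):
        try:
            addr = ipaddress.ip_address(candidate)
        except ValueError:
            continue  # not a real address, e.g. 999.10.0.1
        if any(addr in net for net in PRIVATE_NETS):
            private_ips.add(candidate)
    emails = {m.lower() for m in EMAIL_RE.findall(text)}
    return {"private_ips": sorted(private_ips), "emails": sorted(emails)}


# Constructed sample response (not real scanner output).
SAMPLE_HEADERS = {"Server": "nginx", "X-Backend-Server": "10.20.30.40:8080"}
SAMPLE_BODY = """<html>
<!-- debug: upstream 192.168.1.15, resolver 8.8.8.8, build 999.10.0.1 -->
<p>Contact <a href="mailto:Admin@example.com">admin@example.com</a></p>
<p>Pool members 172.31.255.2 and 172.32.0.1</p>
</html>"""

if __name__ == "__main__":
    report = find_disclosures(SAMPLE_HEADERS, SAMPLE_BODY)
    for kind, values in report.items():
        for value in values:
            print(f"{kind}: {value}")
```

Internal addresses in headers or comments are usually removed at the reverse proxy or in the build step, so a check like this fits in a pre-release test.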

Getting Started

First, we have to clone the tool by typing the following command:

git clone https://github.com/cyberheartmi9/spaghetti.git


Once cloned, we change into the directory that the clone created by typing the following command:

cd spaghetti

Then we install the requirements by typing the following command:

pip install -r requirements.txt


Then we start spaghetti by typing the following command:

python spaghetti.py


Then to use the tool against your target website, type the following command:

python spaghetti.py --url [here type a url of your choice] --scan 0 --random-agent --verbose

[Type the URL for which your client has given permission to pen test].


What Bunny Rating Does it Get

Spaghetti is an effective tool for web application scanning. It can gather information as well as attack a web application. This is a powerful tool and may be useful for a red team engagement. I award it a 4.5 out of 5 bunnies.


Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]