A tool for scanning urls

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Neomachine from gravatar.com Neomachine

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Author: Machine Yadav
  • Tags tool, url, scan, hacking
  • Requires: Python >=3.8
Classifiers

Project description

Nemesis

Nemesis Code Grade Code Quality

Description

A simple tool for scanning urls for vulnerabilites and sensitive information. It has lot of pre defined regexes for dom xss possibility detection, secrets leakage, hidden parameters, extra links and much more.

Features

  1. Supports scanning of both html and javascript urls
  2. Pre defined regexes for dom xss (sinks & sources), web services, hidden parameters, endpoints and a lot more are already present.
  3. Shannon entropy helps to find additional suspicious data that can be missed by regexes but may generate false positive so disabled by default.

Usage

usage: Nemesis.py [-h] [--- | -w WORDLIST | -u URL] [-o OUTPUT] [-e] [-t THREADS] [-b]

Nemesis

optional arguments:
  -h, --help            show this help message and exit
  ---, ---              Stdin
  -w WORDLIST, --wordlist WORDLIST
                        Absolute path of wordlist
  -u URL, --url URL     url to scan
  -o OUTPUT, --output OUTPUT
                        Output file
  -e, --enable-entropy  Enable entropy search
  -t THREADS, --threads THREADS
                        Number of threads
  -b, --banner          Print banner and exit

Enjoy bug hunting

Example

  1. Scan a single url
  • Nemesis -u google.com or Nemesis -u https://google.com/closurelibrary.js
  1. Scan from URLs
  • Nemesis -w hakrawler.txt

Limitations

  • Output maybe repeated such as same links again and again
  • Output to file saving is in work
  • Additional logical errors and false positivies from faulty regex

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Neomachine from gravatar.com Neomachine

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Author: Machine Yadav
  • Tags tool, url, scan, hacking
  • Requires: Python >=3.8
Classifiers

Release history Release notifications | RSS feed

1.0.4

1.0.3

This version

1.0.2

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

nemesis-scan-1.0.2.tar.gz (9.1 kB view details)

Uploaded Source

File details

Details for the file nemesis-scan-1.0.2.tar.gz.

File metadata

  • Download URL: nemesis-scan-1.0.2.tar.gz
  • Upload date:
  • Size: 9.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.2 importlib_metadata/3.7.2 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.62.2 CPython/3.9.2

File hashes

Hashes for nemesis-scan-1.0.2.tar.gz
Algorithm Hash digest
SHA256 00d599ce1915b22a7af55c1b21ad501d6892569f94dfa37a91e720168318222e
MD5 d19b76d55ffe7706a24a2957a60b8329
BLAKE2b-256 5d473c79ed7f51eb9f9dd950237b09399f8f02edab80f6f0b4a1b81666a50b6d

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page