
Web security assessment tool for self-auditing web applications

Project description

paranoic-scan

Web security assessment tool for self-auditing web applications. Based on Paranoic Scan 1.7 (2014) by Doddy Hackman, modernized to Python with updated security patterns.

Note: This tool is based on a 2014 Perl tool and is intended for authorized security testing on systems you own or have permission to test. The vulnerability detection techniques may be outdated for modern applications with WAF/IPS protection.


Install

pip install paranoic-scan

Usage

# Find admin panels
paranoic-scan panel http://example.com

# Scan for SQL injection
paranoic-scan sqli http://example.com/page?id=1

# Scan for LFI
paranoic-scan lfi http://example.com/view?file=

# Scan for XSS
paranoic-scan xss http://example.com/search?q=

# Try admin login bypass
paranoic-scan bypass http://example.com/admin/login

# Find directory listings
paranoic-scan paths http://example.com

# HTTP fingerprinting
paranoic-scan httpfinger http://example.com

# Port scan
paranoic-scan portscan 192.168.1.1

# MD5 encode
paranoic-scan md5 "password"

# MD5 crack
paranoic-scan crack 098f6bcd4621d373cade4e832627b4f6

# Encoder utilities
paranoic-scan encode b64 "text"
paranoic-scan encode hex "text"
paranoic-scan encode url "text"
paranoic-scan encode bin "text"
paranoic-scan encode ascii "text"

CLI

paranoic-scan --help

API

from paranoic_scan import (
    scan_panel,
    scan_sqli,
    scan_lfi,
    scan_xss,
    encode_md5,
)

# Find admin panels
panels = scan_panel("http://example.com", count=5)

# Scan for SQLi
is_vulnerable = scan_sqli("http://example.com?id=1")

# Encode MD5 (named md5_hash to avoid shadowing the built-in hash())
md5_hash = encode_md5("password")

Development

git clone https://github.com/daedalus/paranoic-scan.git
cd paranoic-scan
pip install -e ".[test]"

# run tests
pytest

# format
ruff format src/ tests/

# lint
ruff check src/ tests/

# type check
mypy src/

Disclaimer

This tool is provided for authorized security testing only. Use only on systems you own or have explicit written permission to test. The author is not responsible for any misuse or damage caused by this tool.

Download files


Source Distribution

paranoic_scan-0.1.0.tar.gz (10.3 kB view details)

Uploaded Source

Built Distribution


paranoic_scan-0.1.0-py3-none-any.whl (11.8 kB view details)

Uploaded Python 3

File details

Details for the file paranoic_scan-0.1.0.tar.gz.

File metadata

  • Download URL: paranoic_scan-0.1.0.tar.gz
  • Upload date:
  • Size: 10.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for paranoic_scan-0.1.0.tar.gz
Algorithm Hash digest
SHA256 ecc6204c79f0d4c237d6cc7997df3bcc42bb6c94daa56ae41bd2fd6d025e3cf4
MD5 91b407fe1aa70933006a3e286a26abfb
BLAKE2b-256 8eca084ee01b99279257d5e9195c416728bb8aaebb329f5592c464f0b9a1255a


Provenance

The following attestation bundles were made for paranoic_scan-0.1.0.tar.gz:

Publisher: pypi-publish.yml on daedalus/paranoic-scan

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file paranoic_scan-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: paranoic_scan-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 11.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for paranoic_scan-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 0661acaa03b228d8b45cb75b2181aa70a405558cd1bbb2a1f792057d5a3726eb
MD5 94245a915d7c39fad04e75a5a42c3de3
BLAKE2b-256 9b31863fec5ea27c30a27708accd30f35ffa7184c1154f7607ef0a7464715a1a


Provenance

The following attestation bundles were made for paranoic_scan-0.1.0-py3-none-any.whl:

Publisher: pypi-publish.yml on daedalus/paranoic-scan

