Offensive Information And Vulnerability Scanning Using Striker

"Striker" is an offensive information and vulnerability scanner. According to the author, Striker can perform offensive information and vulnerability scanning.

You can perform following scans using the Striker scanner. Provide a domain name and it will perform following scans.

• Check and bypass Cloudflare.
• Retrieve Server and Powered by Headers.
• Fingerprint the operating system of Web Server.
• Detect CMS.
• Launch WPScan if the target is using Wordpress CMS.
• Retrieve robots.txt.
• Whois lookup.
• Check if the target is a honeypot.
• Port scan with banner grabbing.
• Dumps all kind of DNS records.
• Generate a map for visualizing the attack surface.
• Gather Emails related to the target.
• Find websites hosted on the same web server.
• Find hosts using Google.
• Crawl the website for URLs having parameters.
• SQLi scan using online implementation of SQLMap (takes < 3 mins).
• Basic XSS scanning.

You can install the Striker by cloning the official repository. Alternatively, you can download the Zip file.

git clone https://github.com/UltimateHackers/Striker

Go to the Striker folder and install the requirements using following commands.

cd Striker

pip install -r requirements.txt

After the installation of requirements, you can launch the Striker using the following command.

python striker.py

Enter the target address and it will start the scanning process. Depending on the complexity of the scan, the process will take a couple of minutes.

To open the map for visualizing the attack surface, click the DNS map URL.

You can contribute to this project by reporting any bugs you encounter and helping the author to add more features to it.