Striker is an offensive information and vulnerability scanner that will make enumeration of remote system using some online services this will make the attack not depending on user connection and it will make attacker avoid being detected or prevented by Intrusion detection system or web application firewalls.
The tool will run SQLMap api to check for SQL injection vulnerabilities , it will verify the CMS version in case any used with whatcms.org, will use honeyscore.shodan.io to check if there is a possible honeypot running on the target and the tool also include several useful plugins to provide detailed information about the target.
The following features included with this tool:
- Check and Bypass Cloudflare
- Retrieve Server and Powered by Headers
- Fingerprint the operating system of Web Server
- Detect CMS (197+ CMSs are supported)
- Launch WPScan if target is using WordPress
- Retrieve robots.txt
- Whois lookup
- Check if the target is a honeypot
- Port Scan with banner grabbing
- Dumps all kind of DNS records
- Generate a map for visualizing the attack surface
- Gather Emails related to the target
- Find websites hosted on the same web server
- Find hosts using google
- Crawl the website for URLs having parameters
- SQLi scan using online implemention of SQLMap (takes < 3 min.)
- Basic XSS scanning
You can read more and download the tool over here: https://github.com/s0md3v/
