RapidScan – Free Web Vulnerability Scanner Framework

RapidScan – Free Web Vulnerability Scanner Framework

RapidScan is a python based scanning tool used for analyzing vulnerabilities in web applications. The tool is equipped with scanning utilities, such as Nmap, Golismero, Nikto, Uniscan, and Dnsrecon.

The tool runs these utilities to find vulnerabilities in web applications.  Some well-known checks performed by the tool include XSS, SQLi, DNS zone transfer, Local File Inclusing (LFI), Remote File Inclusion (RFI), Open directory vulnerabilities, open ports, and SSL related vulnerabilities. The tool not only finds out the vulnerabilities but also classifies them into low, medium, high, and critical categories according to the risk definition.

How to Install The Tool

Installation of RapidScan is a straightforward process. The tool can be installed by cloning the Github repository using the following command.

git clone https://github.com/skavngr/rapidscan.git

The tool can be easily run on Kali Linux. The tool requires minimum python 2.7 and scanning tools like Nmap, Golismero, Nikto, Uniscan, and Dnsrecon . The majority of these tools come pre-installed in Kali Linux.

How to Scan with RapidScan

Once the tool is installed, it can be launched using the following command.

./rapidscan.py 

The tool first verifies the availability of the supported scanning tools, and then performs in-depth scanning of the target web application. The tool performs some 80 vulnerability tests.

If a vulnerability is found, it is displayed in the scanning results along with threat level. The tool also provides background information about the discovered vulnerability and remediation suggestions.

Future Development

The tool developers are working to add some new features like:

– Associating the tool with OWASP

– Executive summaries of the discovered vulnerabilities.

– Automatic deployment of the scanning utilities according to the web applications’ architecture.