Add OSTE meta scanner project #795

Merged
merged 5 commits into from
Aug 9, 2023
58 changes: 58 additions & 0 deletions pages/OSTE_Meta_Scanner
@@ -0,0 +1,58 @@
---
title: OSTE Meta Scanner
layout: col-sidebar
author: Seyyid Taqy eddine Oudjani
contributors:
tags: Dynamic application security tool, DAST, Web Vulnerability Assessments
permalink: /OSTE_Meta_Scanner
---

{% include writers.html %}

## Table of Contents

- [Overview](#Overview)
- [Introduction](#introduction)
- [Features](#features)
- [License](#license)
- [References](#References)

## Overview
The OSTE Meta Scanner project aims to simplify the field of Dynamic Application Security Testing. it is a comprehensive web vulnerability scanner that combines multiple DAST scanners, including Nikto Scanner, OWASP ZAP, Nuclei, SkipFish, and Wapiti.

## Introduction
This software offers a user-friendly graphical interface that presents a comprehensive report for each scan, making the scanning process effortless and straightforward.

The main focus of this scanner is on web injection vulnerabilities such as SQL injection, XSS injection, OS command injection, XML injection, and many more. Additionally, it provides a list of vulnerabilities supported by each scanner, apart from injection vulnerabilities.

It offers two types of reports. The first is a consolidated report in JSON format, which includes important reports from each scanner. It contains details such as the vulnerability, the corresponding URL, the parameter used, the Curl command, the attack vector, a description of the vulnerability, and more.

The second report is an HTML file format that specifically highlights successful injection attacks. The scanner results and decisions are based on a novel learning algorithm proposed during the ("A Meta-Scan based approach for the detection of injection vulnerabilities in Web applications.", -University May 8, 1945 -Guelma -, Computer Science Department, Presented by: SEYYID TAQY EDINE OUDJANI, Supervised by: DR. ABDELHAKIM HANNOUSSE. 2023).

## Features

List of Main Vulnerabilities supported:
1. Injection
- SQL injection
- Cross-site scripting
- OS command injection
- XML injection
- XSLT injection
- XML External entites
- code injection
- host header injection
- HTML injection
- Template injection (server-side)
- CRLF injection
- OGNL injection
2. Other vulnerabilities (refer to the repository of each scanner for a complete list.)
- Skipfish Vulnerabilities Support List.
- Wapiti Vulnerabilities Support List.
- OWASP ZAP Active Attack list.
- Nikto Vulnerabilities support List (Specified: Tunning 9 & 4).
- Nuclei CVE-Template.
## Installation

The installation process requires a specific set of requirements. While this project is primarily supported on Kali Linux, You can find further information on the GitHub repository at [https://github.com/OSTEsayed/OSTE-Meta-Scan].
## References
- https://github.com/OSTEsayed/OSTE-Meta-Scan
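Review bot: The Table of Contents at the top of the new page does not match the sections the file defines: it links to `#license`, but there is no License section, and it omits the `## Installation` section that appears near the end. `#Overview` and `#References` are also capitalised while the other anchors are lowercase; heading anchors are normally generated in lowercase, so those two links may not resolve. Suggest either adding the License section or dropping the entry, adding Installation, and lowercasing all anchors. Smaller points in the same hunk: `## Installation` and `## References` need a blank line before them to render reliably as headings; the sub-items under "1. Injection" and "2. Other vulnerabilities" are not indented, so they will not nest under the numbered items; the Installation link is written as `[https://github.com/OSTEsayed/OSTE-Meta-Scan]` with no link target; the sentence "proposed during the (" in the Introduction is missing the noun the citation refers to; `contributors:` in the front matter is empty; and there are typos ("it is" starting a sentence, "entites", "Tunning", "You" mid-sentence). The Installation section says the process "requires a specific set of requirements" without naming any, so a short list or an explicit pointer to the repository's install instructions would help readers.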