Advanced Web Security Scanner — A comprehensive security assessment tool with both CLI and web interface for detecting technologies, vulnerabilities, sensitive files, and default credentials.
- Technology Detection: CMS, frameworks, servers, databases, JavaScript libraries, devices.
- Vulnerability Discovery: CVE lookup, exploit search.
- Sensitive File Detection: Automated scanning for sensitive files.
- Default Credential Testing: Default credentials testing.
- Port Scanning: Port scanning and service identification.
- Cloudflare Bypass: Cloudflare bypass attempts.
- Scheduled Scans: Automated scan scheduling.
- Python 3.10 or higher
- pip
- SQLite3
- searchsploit
git clone <repository-url>
cd FullMutepip install -r requirements.txtpip install -e .https://www.exploit-db.com/searchsploit# Initialize scanner database
fullmute init
# Scan domains from a file
fullmute scan targets.txt
# Scan a single domain
fullmute scan-one example.com
# Search scan results
fullmute search
# Start web interface
fullmute web start# Initialize web database
fullmute web init
# Start the web server
fullmute web startAccess the web interface at: http://localhost:8080
Initialize the scanner database.
Scan multiple domains from a file.
Scan a single domain.
Search through scan results.
Start the web server.
Initialize the web database with the default admin user.
Main pages:
- Dashboard — Overview of scans, statistics.
- Targets — Manage target domains.
- Scans — View scan history.
- New Scan — Create a new scan.
- Reports — Generate PDF reports.
- Settings — Admin configuration.
Authentication uses JWT tokens, CSRF tokens, and rate limiting.
MIT License - See LICENSE file for details.
FullMute — Comprehensive security scanning for modern web applications.