Awesome Open Source
Awesome Open Source



Offensive Security Framework for Vulnerability Scanning & Pentesting

os pythonver License: GPLV3 Docker Pulls Docker Image Size Code style: black

Version 4.3.3 now requires PROXIES/VPN.

  • [x] USE PROXIES/VPN [Required]
  • [x] Cloudflare Resolver [Cloudbuster]
  • [x] LFI->RCE and XSS Scanning [LFI to RCE & XSS]
  • [x] SQL Injection Vuln Scanner [SQLi]
  • [x] Extremely Large D0rk Target Lists
  • [x] Detects known WAFs
  • [x] AdminPage Finding
  • [x] CCTV/Networked Interfaces discovery [WIP] <<<<
  • [x] Vulnerable FTPs Scanner [Toxin]
  • [x] DNS Bruteforcer
  • [x] Python 3.6 asyncio based scanning
  • [x] Cloudflare resolver
  • [x] Extremely quick "Toxin" Vulnerable IP scanner to scan potentially millions of ips for known vulnerable services.
  • [x] Free and Open /src/
  • [x] Cross-platform Python-based toolkit
  • [x] Licensed under GPLv3
  • [x] Built by hackers with full transparency
  • [x] No more issues with dependencies from pre-alpha release

Example of SQLi Dorker

This is outdated.

NOTE: You MUST install these on Ubuntu and Kali.

Ubuntu users: Please make sure you sudo apt-get install python3-bs4 | apt-get install python3-setuptools

Kali users: Please apt-get install python3-dev | apt-get install python-dev

NOTE: Install Poetry for deps:

curl -sSL | python3 - poetry install # install deps poetry update # when you want to check for deps updates

Docker users: Please see Dockerfile

Contact Information:

Submit a bug report/pull request with prefix "Query" at the start.

Credits to:

- Architect for the initial encouragement and support in V3n0ms early days
- SageHack for allowing Cloudbuster to be adapted for use within V3n0M
- D35m0nd142 for allowing Collaboration and the use of LFI Suite within V3n0M
- b4ltazar & all members of for inspiring the project with darkd0rk3r

Make Love and Smoke Trees.

Alternative Project Comparisons
Related Awesome Lists
Top Programming Languages
Top Projects

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
Python (793,618
Vulnerabilities (15,623
Scanner (14,007
Dns (10,185
Exploitation (4,633
Ftp (3,682
Penetration Testing (3,044
Asyncio (2,506
Cloudflare (2,444
Xss (1,732
Aiohttp (930
Metasploit (894
Rce (651
Sql Injection (630
Vulnerability Scanner (483
Lfi (174
Blackarch (21