V3n0M – Offensive Security Tool for Vulnerability Scanning & Pentesting



Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

  •  In its current state, it will only work with torrc MAX CIRCUIT DIRTINESS of 10
  •  Cloudflare Resolver [Cloudbuster]
  •  LFI->RCE and XSS Scanning [LFI to RCE & XSS]
  •  SQL Injection Vuln Scanner [SQLi]
  •  Extremely Large D0rk Target Lists
  •  Detects known WAFs
  •  AdminPage Finding
  •  Vulnerable FTPs Scanner [Toxin]
  •  DNS Bruteforcer
  •  Python 3.6 asyncio based scanning
  •  Cloudflare resolver
  •  Extremely quick “Toxin” Vulnerable IP scanner to scan potentially millions of ips for known vulnerable services.
  •  Largest and most powerful d0rker online, searching 14k+ dorks over several engines at once.
  •  Free and Open /src/
  •  Cross-platform Python-based toolkit
  •  Licensed under GPLv3
  •  Built by hackers with full transparency

Install note

Clone the repository:

docker pull vittring/venom:latest
docker build -t vittring/venom:latest .
docker run -ti vittring/venom:latest

Ubuntu users: Please make sure you 

sudo apt-get install python3-bs4 | apt-get install python3-setuptools

Kali users: Please 

apt-get install python3-dev | apt-get install python-dev

Contact Information:

Submit a bug report/pull request with prefix "Query" at the start.

Credits to:

- Architect for the initial encouragement and support in V3n0ms early days
- SageHack for allowing Cloudbuster to be adapted for use within V3n0M
- D35m0nd142 for allowing Collaboration and the use of LFI Suite within V3n0M
- b4ltazar & all members of darkc0de.com for inspiring the project with darkd0rk3r

Make Love and Smoke Trees.