Taipan is a an automated web application scanner which allows to identify web vulnerabilities in an automatic fashion. This project is the core engine of a broader project which include other components, like a web dashboard where you can manage your scan or download a PDF report and a scanner agent to run on specific host.
Taipan is composed of four main components:
+ Web Application fingerprinter: it inspects the given application in order to identify if it is a COTS application. If so, it extracts the identified version.
+ Hidden Resource Discovery: this component scans the application in order to identify resources that are not directly navigable or that shouldn’t be accessed, like secret pages or test pages.
+ Crawler: This component navigates the web site in order to provide to the other components a list of pages to analyze. It allows to mutate the request in order to find not so common pathes.
+ Vulnerability Scanner: this component probes the web application and tries to identify possible vulnerabilities. It is composed of various AddOn in order to easily expand its Knowledge Base.
Use and Download:
download binary here: https://github.com/enkomio/Taipan/releases/latest
or build using visual studio
git clone https://github.com/taipan-scanner/Taipan && cd Taipan
Taipan.exe -u http://127.0.0.1:8080 -p Full