View Issue Details

ID: 0009078
Project: Kali Linux
Category: New Tool Requests
View Status: public
Last Update: 2025-01-26 09:40
Reporter: mrharoonawan
Assigned To:
Priority: normal
Severity: minor
Reproducibility: have not tried
Status: new
Resolution: open
Summary: 0009078: codeinjection-scan-ml-ai
Description

Code Injection Scanner is a powerful tool designed to identify and exploit vulnerabilities in dynamic applications such as PHP, ASP, ASPX and more. It features automated crawling, diverse payload injections, AI-based detection, comprehensive reporting, and multiprocessing support to ensure efficient and accurate vulnerability assessments.

Features

Automated Crawling: Recursively crawl target domains to discover PHP-related endpoints.
Extended PHP Extensions Support: Scans .php, .php3, .php4, .php5, .php7, .php8, .phtml, and other PHP-related extensions.
Diverse Payloads: Reflected XSS, Stored XSS, Advanced SQL Injection, Advanced Command Injection, SSRF, IDOR, XML, Authorization Bypass Payloads, LFI, RFI, RCE, Crypto and much more.
OWASP Framework Support: Supports the full OWASP Top 10 framework for vulnerabilities and produces heuristics for further testing and exploitation.
AI-Based Detection: Leverages machine learning models to enhance vulnerability detection accuracy.
Comprehensive Reporting: Generates detailed HTML reports highlighting discovered vulnerabilities.
Multiprocessing Support: Speeds up the scanning process by utilizing multiple CPU cores.
Flexible Configuration: Supports integration with Wayback Machine and CommonCrawl for extensive URL

Activities

mrharoonawan

2025-01-25 17:36

reporter   ~0020291

URL:
https://github.com/haroonawanofficial/codeinjection-scan-ml-ai

kali-bugreport

2025-01-25 18:11

reporter   ~0020292

Looks like the Kali Team is usually pointing to https://www.kali.org/docs/development/public-packaging/ for packaging requests.

mrharoonawan

2025-01-26 09:40

reporter   ~0020294

[Version]: 1.0 - The tool is tagged with a proper release version (v1.0) on the GitHub repository.

[Author]: Haroon Awan <[email protected]>

[Description]: codeinjection-scan-ml-ai is a Python-based tool that leverages machine learning and artificial intelligence to identify and analyze code injection vulnerabilities. It scans target endpoints for injection points and provides actionable insights.
[Dependencies]: Python 3.10 or later - Virtual environment (python3-venv) - Python libraries: requests, beautifulsoup4, termcolor, joblib, pandas
[Activity]: The project started in 2025 and is actively maintained. Regular updates will address emerging vulnerabilities and improve scanning capabilities.
[How to install]: wget https://github.com/haroonawanofficial/codeinjection-scan-ml-ai/releases/download/v1.0/codeinjection-scan-ml-ai.deb
Install the package: sudo dpkg -i codeinjection-scan-ml-ai.deb
Fix any missing dependencies (if required): sudo apt-get install -f
[How to use]: After installation, the tool can be executed directly using: codeinjectionscan-ml-ai --help
[Example command]: codeinjectionscan-ml-ai --url http://testphp.vulnweb.com --scan

Hope all is good, please verify and let me know. I have used all details from https://www.kali.org/docs/development/public-packaging/

Issue History

Date Modified Username Field Change
2025-01-25 17:35 mrharoonawan New Issue
2025-01-25 17:36 mrharoonawan Note Added: 0020291
2025-01-25 18:11 kali-bugreport Note Added: 0020292
2025-01-26 09:40 mrharoonawan Note Added: 0020294