RaidScanner follows a layered architecture:
-
User Interface Layer:
- Web Interface: Flask-based, uses Socket.IO for real-time updates.
- CLI Interface: Python-based, uses
richandprompt_toolkit.
-
Web Application Layer (
app.py):- Handles HTTP routes and WebSocket events.
- Manages scan sessions and background threads.
-
Core Logic Layer (
core/):- Scanner Engine: Platform-agnostic scanning logic (LFI, SQLi, etc.).
- Report Generator: Creates HTML/JSON reports.
- Payload Loader: Manages attack vectors.
-
Utility Layer (
utils/):- Platform Helper: OS detection, path management.
- Config: Centralized settings.
-
Network Layer:
- Uses
requestsandaiohttpfor HTTP scanning. - Uses
Selenium+ChromeDriverfor browser-based scanning (XSS, OR).
- Uses
- Input: User submits URLs via Web GUI or CLI.
- Processing:
- Request is validated.
- Background thread starts the
ScannerEngine. - Engine iterates through URLs and Payloads using multiple threads.
- Feedback:
- Web: Progress and results emitted via WebSockets (
scan_progress). - CLI: Progress bar updated in terminal.
- Web: Progress and results emitted via WebSockets (
- Output:
- Vulnerabilities stored in memory during scan.
- Final report generated in
reports/(HTML/JSON).
raidscanner/
├── .docker/ # Docker configuration
│ ├── Dockerfile # Container build definition
│ ├── compose.yml # Docker Compose configuration (V2)
│ └── .dockerignore # Docker build exclusions
│
├── bin/ # Binary files and executables
│ └── chromedriver-linux64/ # ChromeDriver for Linux
│
├── core/ # Core scanning logic
│ ├── scanner_engine.py # Platform-agnostic scanners
│ ├── report_generator.py # Report creation (HTML/JSON)
│ └── payload_loader.py # Payload management
│
├── docs/ # Documentation
│ ├── CONTEXT.md # Complete project context for LLMs
│ ├── USER_GUIDE.md # Complete user documentation
│ └── DEVELOPER_GUIDE.md # Architecture & contribution guide
│
├── output/ # Scan results (auto-generated)
│
├── payloads/ # Attack payloads
│ ├── lfi-payloads.txt
│ ├── xss.txt
│ └── sqli/
│
├── reports/ # Generated reports (auto-generated)
│
├── scripts/ # Utility scripts
│ ├── start.sh # Interactive startup script
│ ├── docker-run.sh # Run Docker container (Linux/Mac)
│ └── docker-run.bat # Run Docker container (Windows)
│
├── utils/ # Utility modules
│ ├── config.py # Configuration management
│ └── platform_helper.py # Cross-platform compatibility
│
├── web/ # Web interface
│ ├── templates/ # HTML Templates
│ └── static/ # JS/CSS
│
├── app.py # Flask web application entry point
├── scanner_cli.py # CLI application entry point
├── compose.yml # Docker Compose configuration
├── requirements.txt # Python dependencies (all)
└── requirements-docker.txt # Docker-specific dependencies
The Docker setup ensures a consistent environment across platforms.
- Base Image:
python:3.11-slim - Dependencies:
- Google Chrome (Stable)
- ChromeDriver (Managed by
webdriver_manager) - Xvfb (Virtual Display for headless Chrome)
- Configuration:
shm_size: Set to 2GB+ to prevent Chrome crashes.- Volumes: Maps host directories (
output,reports) to container.
Build Process:
- Installs system dependencies (Chrome, Xvfb).
- Installs Python dependencies from
requirements-docker.txt. - Copies application code.
- Sets entrypoint based on MODE environment variable.
The Web GUI exposes a REST API and WebSocket interface.
- POST
/api/scan/lfi- Body:
{"urls": ["..."], "threads": 5, "success_criteria": ["root:x:0:"]} - Starts an LFI scan
- Body:
- POST
/api/scan/sqli- Body:
{"urls": ["..."], "threads": 5} - Starts a SQL Injection scan (time-based)
- Body:
- POST
/api/scan/xss- Body:
{"urls": ["..."], "threads": 3} - Starts an XSS scan (Selenium-based, uses fewer threads)
- Body:
- POST
/api/scan/or- Body:
{"urls": ["..."], "threads": 5} - Starts an Open Redirect scan
- Body:
- POST
/api/scan/crlf- Body:
{"urls": ["..."], "threads": 5} - Starts a CRLF Injection scan
- Body:
- GET
/api/reports- Returns list of generated reports
- GET
/api/payloads- Returns available payload files
connect: Client connectedscan_progress: Emitted during scan. Contains{type, current_url, scanned, total, found}scan_complete: Emitted when scan finishes with full resultsscan_error: Emitted on failure
# Install dependencies
pip install -r requirements.txt
# Run CLI mode
python scanner_cli.py
# Run web GUI
python app.py# Build and run web GUI
docker compose up -d raidscanner-web
# Or CLI mode
docker compose run --rm raidscanner-cli
# View logs
docker compose logs -f
# Rebuild after changes
docker compose build --no-cache- Add scanner logic to
core/scanner_engine.py - Add payloads to
payloads/ - Create API endpoint in
app.py(web mode) - Add CLI option to
scanner_cli.py(CLI mode)
- Create HTML in
web/templates/ - Add static files to
web/static/ - Add route in
app.py
- Add script to
scripts/ - Make executable:
chmod +x scripts/your-script.sh - Document in
docs/
CLI Mode:
docker compose run --rm raidscanner-cliWeb Mode:
# Start web server
docker compose up -d raidscanner-web
# Test LFI scanner via API
curl -X POST http://localhost:5000/api/scan/lfi \
-H "Content-Type: application/json" \
-d '{"urls": ["http://testphp.vulnweb.com/"], "threads": 5}'- Check
./reports/folder for HTML and JSON files - Verify timestamps and scan results
- Ensure proper formatting and data accuracy
- Add custom payloads to
./payloads/ - Verify they appear in payload selection
- Test that reports are saved to
./reports/ - Confirm output files appear in
./output/
-
DVWA (Damn Vulnerable Web Application)
docker run -d -p 80:80 vulnerables/web-dvwa
-
OWASP WebGoat
docker run -p 8080:8080 webgoat/goatandwolf
-
TestPHP Vulnweb - http://testphp.vulnweb.com (public testing site)
docker compose build# Tag image
docker tag raidscanner:latest zahidoverflow/raidscanner:v2.0
# Push to Docker Hub
docker push zahidoverflow/raidscanner:v2.0