Web Penetration Testing

Sitadel – Web Application Security & Vulnerability Scanner

Web Application Security Scanner & Website Vulnerability Scanner

Sitadel is a scanner with open source web application(web scanner). The tool uses the black box method to detect various hazards. Sitadel provides a command line interface that you can use in the Kali Linux terminal to scan strangers and domains. The interactive console provides many useful features, such as command completion and status assistance. Sitadel provides a powerful place where web-based information from an open source can be made and you can gather all the information about the target. This tool is written in python language you must have a python language installed in your kali linux operating system.

Sitadel is a python-based web application scanner. It is flexible and has many different scanning options. It can get full server fingerprints and bruteforce references, manager pages, files etc. Also, it can search for injection type attacks (slq, html, xss, rfi, ldap and more), other information disclosures and popular risk-taking tools.

Features :

  • Fingerprints

    • Server
    • Web Frameworks (CakePHP,CherryPy,…)
    • Frontend Frameworks (AngularJS,MeteorJS,VueJS,…)
    • Web Application Firewall (Waf)
    • Content Management System (CMS)
    • Operating System (Linux,Unix,..)
    • Language (PHP,Ruby,…)
    • Cookie Security
    • Content Delivery Networks (CDN)
  • Attacks:

    • Bruteforce

      • Admin Interface
      • Backdoors
      • Backup Directory
      • Backup File
      • Directory
      • File
      • Log File
    • Injection

      • HTML Injection
      • SQL Injection
      • LDAP Injection
      • XPath Injection
      • Cross Site Scripting (XSS)
      • Remote File Inclusion (RFI)
      • PHP Code Injection
    • Other

      • HTTP Allow Methods
      • HTML Object
      • Multiple Index
      • Robots Paths
      • Web Dav
      • Cross Site Tracing (XST)
      • PHPINFO
      • .Listing
    • Vulnerabilities

      • ShellShock
      • Anonymous Cipher (CVE-2007-1858)
      • Crime (SPDY) (CVE-2012-4929)
      • Struts-Shock
Installation Sitadel


Install Android Termux :

Fast Install Linux Your Termux Your Android Devices read this Post & Articles on how to Install Linux Termux App. Using Termux Linux & Using Linux Installation Commands Step by Step

Also Read : How to Install Kali NetHunter Android Termux No Root

AIso Read : Owasp Zap Installation & Complete Use Guide in Windows & Linux


Install Linux :

Step 1:- Use the following command to install the tool in your kali Linux operating system. Use the second command given below to access the toolbar directory.

git clone https://github.com/shenril/Sitadel.git
cd Sitadel


Step 2 :- So this time we will follow the easy way to install this tool. Look !! Git Utility comes pre-installed on all debian systems so we can download any tool using the “git clone” command. After downloading the project on github we have to install another app on our system called “pip”. Now until the resource is downloaded, we can relax our mind.

apt install pip
pip3 install .

Step 3 :- That’s all and now we can use this tool very well without any problems. Let’s start with a good overview of this tool by using its individual features.

python3 sitadel.py --help


Step 4 :- Missing Protection Articles
In simple words you just need to enter the domain name you want to get the details from and we will show you all the details in the forum. As you can see for example in the image below that when we provide a domain and start giving us that number of security topics that are not available in the web application.

python3 sitadel.py https://www.onlino.in

Acquisition of CMS and WAF
We try many different tools to see these things but this has discarded useful things in just a moment.


Step 5 :- Increase the Risk Level
Basically the risk level feature provided by this tool is only used to find the most useful features in a web application.

python3 sitadel.py https://onlino.in --risk 2


Step 6 :- Custom User Agent
This is very useful for every login inspector to make them completely secure and these same features come together to hide their true identity. As you can see we have included fake user agent details so that each request is recorded on the victim’s web server log called.

python3 sitadel.py -ua "onlino 1.1."

We’ve done it again as you can see each log comes with the same user agent we set up for the attack terminal.

Step 6 :- Run with risk level at DANGEROUS and do not follow redirections

python3 sitadel.py https://www.onlino.in --r 2 --no-redirect


Step 6 :- Run specifics modules only and full verbosity

python3 sitadel.py https://www.onlino.in -a bruteforce -f header server -v


Usage :

sitadel.py [-h] [-r {0,1,2}] [-ua USER_AGENT] [--redirect]
           [--no-redirect] [-t TIMEOUT] [-c COOKIE] [-p PROXY]
           [-f FINGERPRINT [MODULE ...]] [-a ATTACK [MODULE ...]]
           [--config CONFIG] [-v] [--version]
-h, –helpDisplay help
-r, –risk {0,1,2}Decide the risk level you want Sitadel to run (some attacks won’t be executed)
-ua, –user-agentUser agent used for the HTTP request of the attacks
–redirectIndicates to Sitadel to follow the 302 request for page redirection
–no-redirectIndicates to Sitadel NOT to follow the 302 request for page redirection
-t, –timeoutSpecify the timeout for the HTTP requests to the website
-c, –cookieAllows to specify the cookie to send with the attack requests
-p, –proxyAllows to specify a proxy to perform the HTTP requests
-f, –fingerprintSpecify the fingerprint modules to activate to scan the website {cdn,cms,framework,frontend,header,lang,server,system,waf}
-a, –attackSpecify the attack modules to activate to scan the website {bruteforce, injection, vulns, other}
-c, –configSpecify the config file for Sitadel scan, default one is in config/config.yml
-v, –verbosityIncrease the default verbosity of the logs, for instance: -v , -vv, -vvv
–versionShow Sitadel version

Modules list

cdnTry to guess if the target uses Content Delivery Network (fastly, akamai,cloudflare…)
cmsTry to guess if the target uses a Content Management System (drupal,wordpress,magento…)
frameworkTry to guess if the target uses a backend framework (cakephp, rails, symfony…)
frontendTry to guess if the target uses a frontend framework (angularjs, jquery, vuejs…)
headerInspect the headers exchanged with the target
langTry to guess the server language used by the target (asp, python, php…)
serverTry to guess the server technology used by the target (nginx,apache…)
systemTry to guess the Operation System used by the target (linux,windows…)
wafTry to guess if the target uses a Web Application Firewall (barracuda, bigip,paloalto…)
bruteforceTry to bruteforce the location of multiple files (backup files, admin consoles…)
injectionTry to perform injection on various language (SQL,html,ldap, javascript…)
vulnsTry to test for some known vulnerabilities (crime,shellshock)
otherTry to probe for various interesting resources (DAV, htmlobjects,phpinfo,robots.txt…)


web scanner Initially we get basic fingerprints about the target (x frame options, titles, server version). Then it starts to clear on the website. Then the scanner starts to attack something basic against the target. We have found many different results. Now we can search for them in person. In our example we can see that our server is at risk of HTML injection and SQL injection, okay, we did not find any lies in this test.


Hello, I'm SUMAN from India. I’m currently working on Cyber Ethical Hacking Penetration Testing & Bug Bounty. I’m currently learning more about Web Design, Android ROM

Related Articles

Notify of
Inline Feedbacks
View all comments
Back to top button
Would love your thoughts, please comment.x