This project is strictly for educational and cybersecurity research purposes.
Do not deploy this tool on systems you do not own or have written permission to test. Unauthorized use is illegal.
By using GhostScanner, you agree to comply with all applicable laws and ethical hacking guidelines.
- Smart Crawler: Discovers web pages and endpoints
- XSS Scanner: Detects Cross-Site Scripting vulnerabilities
- SQLi Scanner: Identifies SQL Injection flaws
- Real-Time GUI: Built with
customtkinterfor intuitive monitoring - Multi-Threaded: Fast scanning with concurrent requests
- JSON Reports: Save findings for further analysis
-
Clone the repository:
git clone https://github.com/yourusername/GhostScanner.git cd GhostScanner -
Install dependencies:
pip install -r requirements.txt
-
Launch the GUI:
python main.py
- Enter a target URL (e.g.,
https://example.com) - Click Start Scan to begin vulnerability detection
- Monitor real-time results in the console
- Filter findings by type (All/XSS/SQLi)
- Export results via Save Report
customtkinter>=5.2.1
Pillow>=10.1.0
requests>=2.31.0
beautifulsoup4>=4.12.2
- Obtain explicit written consent before scanning any system.
- Never target production environments without authorization.
- Adhere to laws like the Computer Fraud and Abuse Act (CFAA) and GDPR.
This project is licensed under MIT License. Use responsibly.
👻 Ghost - Because even ghosts leave traces.