ItsSubhadip/AegisAPI

🛡️ AegisAPI — Automated API Vulnerability Scanner

AegisAPI is a single-file Python tool that performs passive + active reconnaissance, vulnerability testing, and Shodan enrichment against one domain, then writes an HTML report.

🔥 Features

  • Passive recon via Google Dorks
  • Active recon with gau, waybackurls
  • Vulnerability tests: LFI, RFI, XSS, SQLi, Open Redirect
  • Shodan integration (ports, services, OS)
  • Bootstrap-styled HTML report

⚙️ Prerequisites

  1. Python 3.8+ & pip
     python3 -m pip install -r requirements.txt
  2. Go-based tools
     # install Go first: https://go.dev/dl/
     go install github.com/lc/gau@latest
     go install github.com/tomnomnom/waybackurls@latest
     go install github.com/tomnomnom/qsreplace@latest
     # ensure ~/go/bin is in $PATH

🚀 Usage

  1. Clone repo
  2. Install deps
  3. Run scan
     python3 aegisapi.py example.com YOUR_SHODAN_API_KEY
  4. View report
     Open aegis_results/aegis_report.html in any browser.

📂 Outputs

  • aegis_results/aegis_report.html
  • passive_urls.txt
  • active_urls.txt
  • endpoints.txt

⚖️ Legal & Ethical

  • Only scan targets you own or have explicit permission to test.
  • AegisAPI is for educational & authorized security testing only.
