import requests
def check_sql_injection(url):
payload = "' OR '1'='1"
response = requests.get(url + payload)
if "error" not in response.text.lower():
return True
return False
def check_xss(url):
payload = "<script>alert('XSS')</script>"
response = requests.get(url + payload)
if payload in response.text:
return True
return False
def scan_vulnerabilities(url):
print(f"Scanning {url} for vulnerabilities...")
if check_sql_injection(url):
print("Potential SQL Injection vulnerability found!")
else:
print("No SQL Injection vulnerability detected.")
if check_xss(url):
print("Potential XSS vulnerability found!")
else:
print("No XSS vulnerability detected.")
if __name__ == "__main__":
target_url = input("Enter a URL to scan for vulnerabilities (e.g., http://example.com): ")
scan_vulnerabilities(target_url)