Call: +254 720 362167

Vault Swiss Army Knife – Free tool for hackers 2020

Share on facebook
Share on twitter
Share on linkedin
Share on email
Vault Swiss Army Knife – Free tool for hackers

In this Article

Today in this tutorial we will talk about vault swiss army knife tool for hackers. Vault program is an advanced web scanning python tool. Today everyone is taking there business online with websites applications, but no one think about updats and upgrades. So due to old plugins or platform website got vulnerable. Here we find vulnerability using vault tool.

YOU CAN ALSO CHECK:- How To Make an advanced Wordlist for Bruteforce free in Termux with Cupp



  • Open Termux or kali terminal


  • Type
    pkg install python3


  • Type
    git clone
  • Now  type
    cd vault


  • Type


  • Type
    chmod +x *
  • Now install the requirements file, for that type
    pip3 install -r requirements.txt


Now vault has been installed in your system. 




  • TYPE


  • Now type


  • NOw type
    cd vault


  • After installing requirements file type


  • Now go the src folder for that type
    cd src


  • Now type
    chmod +x *


  • Now run the file type
    python3 -h



  • Scan website for the following vulnerabilities

  •  XSS
  •  LFI
  •  RFI
  •  SQLi
  • Scanner

  •  Port scanning : ACK, FIN, NULL, XMAS
  •  IP scanning : Ping Sweep, ARP
  •  SSL vulnerability scan
  •  OS scan
  •  Hash scanner : MD5, SHA1, SHA224, SHA256, SHA512
  • Others

  • Information Gathering
    •  Clickjacking
    •  jQuery version checking
    •  Insecure cookie flags
    •  Testing HTTP methods
    •  Insecure headers
    •  Header/banner grabbing
    • Finder
      •  Find comments in source code
      •  Find e-mails in source code
  •  Session fixation through cookie injection
  •  Brute force login through authorization headers
  •  URL Fuzzer
  •  WHOIS Lookup
  •  Google Dork
  •  Error handler checker
  •  Admin panel finder
  •  Open redirect vulnerability
  •  CMS Detection
  •  Detect Honeypots
  •  Detect DDoS attack
  •  Detect De-authentication attack
  •  Detect ARP spoof attack
  • Crawling

  •  Crawl a website and collect all the links
  •  Crawl and scrape the website for images
  • Attacks

  •  DDoS Attack
  •  ARP Spoofer
  •  DNS Spoofer
  •  De-authentication attack
  •  Network disassociation attack
  •  Ping of death
  •  MAC Flood attack
  • Utilities

  •  Generate customized backdoor
  •  Data monitoring
  •  Keylogger
  •  SSH Tunelling
  •  Generate sitemap
  •  MAC address changer
  •  Trace route



usage: [-h] [-u URL] [-p PORT] [-sp START_PORT] [-ep END_PORT] [-ssl]
                [-info] [-comment] [-email] [-fuzz] [-ip IP] [-t THREADS]
                [-i INTERFACE] [-source_port SOURCE_PORT] [-fin] [-null]
                [-ack] [-xmas] [-os_scan] [-xss] [-this] [-ping_sweep] [-arp]
                [-ip_start_range IP_START_RANGE] [-ip_end_range IP_END_RANGE]
                [-lfi] [-whois] [-o OUTPUT] [-d DORK] [-ddos] [-mac_flood]
                [-interval INTERVAL] [-cr] [-cri] [-all] [-exclude EXCLUDE]
                [-admin] [-orv] [-keylogger] [-host HOST] [-username USERNAME]
                [-password PASSWORD] [-sender SENDER]
                [-destination DESTINATION] [-arp_spoof] [-jquery]
                [-ping_death] [-bruteforce] [-hash] [-md5] [-sha1] [-sha224]
                [-sha256] [-sha512] [-dir DIR] [-detect_cms] [-change_mac]
                [-mac MAC] [-honey] [-target_bssid TARGET_BSSID] [-deauth]


optional arguments:
  -h, --help            show this help message and exit
  -u URL, --url URL     URL for scanning
  -p PORT, --port PORT  Single port for scanning
  -sp START_PORT, --start_port START_PORT
                        Start port for scanning
  -ep END_PORT, --end_port END_PORT
                        End port for scanning
  -ssl                  perform SSL scan
  -info                 Gather information
  -comment              Finding comments
  -email                Finding emails
  -fuzz                 Fuzzing URL
  -ip IP, --ip IP       IP address for port scanning
  -t THREADS, --threads THREADS
                        Number of threads to use
  -i INTERFACE, --interface INTERFACE
                        Networking Interface to use
  -source_port SOURCE_PORT
                        Source port for sending packets
  -fin                  Perform FIN Scan
  -null                 Perform NULL Scan
  -ack                  Perform TCP ACK Scan
  -xmas                 Perform XMAS Scan
  -os_scan              Perform OS Scan
  -xss                  Scan for XSS vulnerabilities
  -this                 Only scan the given URL, do not crawl
  -ping_sweep           ICMP ECHO request
  -arp                  ARP Scan
  -ip_start_range IP_START_RANGE
                        Start range for scanning IP
  -ip_end_range IP_END_RANGE
                        End range for scanning IP
  -lfi                  Scan for LFI vulnerabilities
  -whois                perform a whois lookup of a given IP
  -o OUTPUT, --output OUTPUT
                        Output all data
  -d DORK, --dork DORK  Perform google dorking
  -ddos                 Perform DDoS attack
  -mac_flood            Perform MAC Flooding attack
  -interval INTERVAL    Interval time for sending packets
  -cr                   For extracting links from a web page
  -cri                  For extracting images from a Web page
  -all                  Run all scans
  -exclude EXCLUDE      Scans to exclude
  -admin                Find admin panel on a given domain
  -orv                  Test for open redirection Vulnerability
  -keylogger            Capture keystrokes and send them by email
  -host HOST            SMTP Host to use
  -username USERNAME    Username to login
  -password PASSWORD    Password to login
  -sender SENDER        Email to send from
  -destination DESTINATION
                        Email to send to
  -arp_spoof            ARP Spoofing
  -jquery               Check jQuery version and get vulnerabilities
  -ping_death           Perform ping of death attack
  -bruteforce           Perform brute force attack through
  -hash                 Start hash scan
  -md5                  Scan MD5
  -sha1                 Scan SHA1
  -sha224               Scan SHA224
  -sha256               Scan SHA256
  -sha512               Scan SHA512
  -dir DIR              Directory to scan
  -detect_cms           Perform CMS Detection
  -change_mac           Chnage MAC address
  -mac MAC              New MAC address
  -honey                Detect honeypot
  -target_bssid TARGET_BSSID
                        Target BSSID
  -deauth               De-authentication attack

Example Usage :

python3 -u ‘http://url’ -info -comment -ssl -fuzz


python3 -u ‘http://url’ -all

(If you all too lazy like us use all command to use all scanning tool 🙂

WeCreativez WhatsApp Support
Our customer support team is here to answer your questions. Ask us anything!
👋 Hi, how can I help?


We typically respond within a few minutes