Web Application Security Scanner in Kali Linux - Spaghetti

Spaghetti is an open-source web application scanner designed to find various default and insecure files, configurations, and misconfigurations. It is built on Python 2.7 and can run on any platform that has a Python environment.



  • Content Management System (CMS)
  • Web Frameworks
  • Cookies/Headers Security
  • Languages
  • Operating Systems (OS)
  • Server
  • Web App Firewall (WAF)



  • Apache Status Page
  • Open Redirect
  • PHPInfo
  • Robots.txt
  • XST


  • Admin Panel
  • Common Backdoor
  • Common Backup Dir
  • Common Backup File
  • Common Dir
  • Common File
  • Hidden Parameters


  • Credit Cards
  • Emails
  • Private IP
  • Errors -> (fatal errors,...)
  • SSN

Let's start with the Web Application Security Scanner

Step 1 :- Download the Spaghetti tool by executing this command in a terminal window in Kali Linux.

git clone https://github.com/m4ll0k/Spaghetti.git

Step 2 :- Now install all the requirements.

pip install -r requirements.txt

Step 3 :- Now you can run the tool: type the command ./spaghetti.py and press Enter.

Step 4 :- Then enter your target website.

Here I have used "techtrick.in" for demo purpose.

./spaghetti.py -u www.techtrick.in -s 0
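
The feature list above includes checks for leaked emails, private IPs, credit card numbers, SSNs and error messages in responses. As an added example (not Spaghetti's own code), here is one way a site owner can check their own response bodies for the same categories; the function names, patterns and sample body are constructed for illustration.

```python
import ipaddress
import re

# Assumed patterns for the disclosure categories in the list above.
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")  # 13 to 19 digits
ERROR_RE = re.compile(r"Fatal error|Parse error|Traceback \(most recent call last\)")
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def luhn_ok(digits):  # Luhn checksum rejects digit runs that are not card numbers
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def is_rfc1918(text):
    try:
        addr = ipaddress.ip_address(text)
    except ValueError:  # e.g. 999.1.1.1 is not an address at all
        return False
    return any(addr in net for net in RFC1918)

def find_disclosures(body):
    """Return {category: sorted matches}; cards and SSNs are masked."""
    cards = set()
    for m in CARD_RE.finditer(body):
        digits = re.sub(r"\D", "", m.group())
        if luhn_ok(digits):
            cards.add("*" * (len(digits) - 4) + digits[-4:])
    found = {
        "emails": set(EMAIL_RE.findall(body)),
        "private_ips": {ip for ip in IPV4_RE.findall(body) if is_rfc1918(ip)},
        "ssns": {"***-**-" + s[-4:] for s in SSN_RE.findall(body)},
        "credit_cards": cards,
        "errors": set(ERROR_RE.findall(body)),
    }
    return {k: sorted(v) for k, v in found.items() if v}

# Constructed sample response body (not from a real site).
SAMPLE_BODY = """<html><!-- backend: 10.20.30.40, build 1.2.3.4 -->
<b>Fatal error</b>: Uncaught Exception in /var/www/app/index.php on line 12
Contact admin@example.com. Order ref 1234567890123456, card 4111 1111 1111 1111.
SSN on file: 078-05-1120. Upstream 172.32.0.1 timed out.</html>"""
print(find_disclosures(SAMPLE_BODY))
```

The order reference and the 172.32.0.1 address are deliberately not reported: the first fails the Luhn check and the second is outside the RFC 1918 ranges.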

Thank you for reading this article. Do let me know of any queries in the comment section below.

About Author

Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (akashchugh1994@gmail.com).

Reader Comments [1]

Kickass Torrents

Greetings from Ohio! I'm bored to death at work so I decided to browse your blog on my iPhone during lunch break. I enjoy the info you provide here and can't wait to take a look when I get home. I'm surprised at how fast your blog loaded on my cell phone .. I'm not even using WIFI, just 3G .. Anyhow, wonderful site!



All the tricks and tips that TechTrick provides are only for educational purposes. If you choose to use the information in TechTrick to break into computer systems maliciously and without authorization, you are on your own. Neither I (TechTrick Admin) nor anyone else associated with TechTrick shall be liable. We are not responsible for any issues caused by the information provided here. So, try it yourself and see the results. You are not losing anything by trying... We are humans; mistakes are quite natural. TechTrick also has many mistakes.