Spaghetti – An Open Source Web Application Security Scanner

Spaghetti is an open source web application scanner designed to find various default and insecure files, configurations, and misconfigurations. Spaghetti is built on Python 2.7 and can run on any platform that has a Python environment.

Some of its features include:

  • Discovery: (Bruteforce, Admin Interface, Common Backdoors)
  • Disclosure: (Emails, Private IPs)

Getting Started

First, we have to clone the tool by typing the following command:

git clone

Once cloned, we change directory by typing the following command:
cd Security_Spaghetti

Then we install the requirements by typing the following command:

pip install -r requirements.txt

Then we start spaghetti by typing the following command:


Then to use the tool against your target website, type the following command:

python spaghetti --url [here type a url of your choice] --scan 0 --random-agent --verbose

[Type the URL for which your client has given permission to pen test].


What Bunny Rating Does it Get

Spaghetti is an effective tool for web application scanning. It can gather information as well as attack a web application. This is a powerful tool and may be useful for red team engagements. I award it 4.5 out of 5 bunnies.

