Announcement new tool: vbyscan


Why this tool?

  • There are still many vBulletin forums on the internet and the original project, OWASP_VBScan is unmaintained
  • Some minor problems of output message
  • Original project is written in perl
    => I ported the project to python3, create new data base in json format

What does it have?

  • Enumerate paths, just like original version
  • Compare version with vuln db, but with custom code and custom db. Bugs and mistakes are expected
  • Exploit checks (added some new exploits)

What is missing?

  • password logger detecting
  • Tapatalk vulnerability
  • html tags status
  • Parse version from index’s footer
  • Support sub-version comparison (patch, beta, rc, …)


Any exploits / modules / suggestions are welcome


vByScan is upgraded to 0.4.0 with huge improvement and new CVE list from