Scanner Modules Reference
Explore the catalog of VScanX's core detection modules and learn their operational workflows, detection rules, and validation limits.
Mental Model
VScanX divides scanning capabilities into three specialized target domains: **Web**, **Web3 (Smart Contracts)**, and **Agentic AI**.
Instead of running high-impact active scans directly on live assets, VScanX modules use light passive probing to identify anomaly signatures first. If an anomaly threshold is reached, they publish typed contracts to the central event broker, delegating exploit validations cleanly to sandboxed plugins.
Web Application Modules
Designed to identify and verify traditional API vulnerabilities:
idor_detector.py
Purpose: Scans REST API endpoints for Insecure Direct Object Reference vulnerabilities.
Workflow: Passive scanner records user identification parameters in query strings or JSON bodies. The validator container tests parameter permutations across different authenticated session tokens to verify access bypasses.
sqli_detector.py
Purpose: Audits query input paths for SQL Injection vulnerabilities.
Workflow: Probes parameters with safe boolean boundary tests. If anomaly behavior (such as SQL syntax error headers or response time fluctuations) is flagged, the event spawns a local database clone to verify execution breakout safely.
Web3 & Smart Contract Modules
Audits compiled smart contract bytecodes and live chain transactions:
reentrancy_analyzer.py
Purpose: Detects missing state mutations before recursive withdrawal calls in Solidity bytecode.
Workflow: Pulls AST structure via RPC node interfaces. When a vulnerability signature matches, VScanX forks the blockchain locally inside an Anvil RPC sandbox and deploys simulated recursive withdrawal calls to assert if balance depletion can succeed.
access_control_checker.py
Purpose: Audits privileged contract function modifiers (such as onlyOwner).
Workflow: Analyzes ABI function definitions. If key withdrawal or management functions lack access controls, validation checks execute simulated ownership bypass transactions on local state forks.
Agentic AI Modules
Designed for validating LLM prompt boundaries and sandbox escape anomalies:
prompt_injection_fuzzer.py
Purpose: Jailbreaks system prompt variables using boundary query bypass scripts.
Workflow: Queries target LLM endpoints. If model alignment fails and the prompt fuzzer extracts restricted instructions, VScanX schedules isolated sandbox breakout tests.
code_execution_prober.py
Purpose: Audits dynamic code interpreter and execution sandboxes for host RCE.
Workflow: Spawns execution probes. Validates container breakouts inside highly secure gVisor (runsc) pods by testing shell escape commands deterministically.
Unbiased Operational Limitations
To maintain engineering trust, VScanX documents explicit boundary limitations and uncertainty constraints honestly:
Web3 Fork Latencies
Smart contract fork-state validations rely heavily on RPC response speeds. Under high network latencies or rate-limited RPC node connections, validation simulations can experience timeouts, leading to unverified classification fallbacks.
AI Fuzzer Heuristic Boundaries
AI prompt alignment fuzzing relies on dynamic semantic classifiers to identify jailbreaks. Because LLM outputs are naturally non-deterministic, highly unique bypass vectors may occasionally fall outside heuristic detection models.