From 3a328957ed8e3ee6c1afd93a84c306ed2df6031f Mon Sep 17 00:00:00 2001
From: MICHAELKITH <michaelkithinji27@gmail.com>
Date: Thu, 2 Oct 2025 01:37:42 +0300
Subject: [PATCH] Enhance readme readability

---
 README.md | 213 ++++++++++++++++++++++++++++++++++++++++--------------
 1 file changed, 159 insertions(+), 54 deletions(-)

diff --git a/README.md b/README.md
index ff7f89d..a37d705 100644
--- a/README.md
+++ b/README.md
@@ -1,52 +1,117 @@
-# DScanner - CTF Drupal Exploit Tool
+# DScanner 3.0.0
 
-DScanner 3.0.0 - Made By Taylor Christian Newsome
+[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](#license) [![Python Version](https://img.shields.io/badge/python-3.6%2B-green.svg)](#requirements) [![Last update](https://img.shields.io/badge/last--update-March%202025-orange.svg)](#note)
 
-Overview
+> **DScanner 3.0.0 — Made by Taylor Christian Newsome**
 
-DScanner is an exhaustive Drupal vulnerability scanner and exploitation tool built for Capture The Flag (CTF) competitions, such as DEFCON. It targets Drupal CMS with a massive payload library covering every known vulnerability up to March 2025, plus generic web and CTF-specific attack vectors. Designed to outshine tools like Drupwn, DScanner is stealthy, fast, and packed with features to help you find flags and win challenges.
+---
 
-Features
+## Table of Contents
 
-Comprehensive vulnerability scanning: Includes all Drupal CVEs, SA-CORE advisories, and module-specific exploits up to March 2025.
-Massive payload library: SQLi, XSS, RCE, LFI/RFI, XXE, SSRF, CSRF, file uploads, deserialization, command injection, path traversal, open redirect, session/auth bypass, and CTF flag hunting.
-Stealth capabilities: Randomized user agents (including curl/wget), proxy support, and variable delays.
-Multi-threaded scanning: Fast execution with up to 15 concurrent workers.
-Detailed logging: Forensic analysis in dscanner.log.
-SSL/TLS checks: Detects weak protocols.
-CLI interface: Supports -u/--url and -h/--help options.
-CTF-ready: Hunts for flags in common locations (e.g., flag.txt, .hidden/).
+1. [Overview](#overview)
+2. [Features](#features)
+3. [Requirements](#requirements)
+4. [Installation](#installation)
+5. [Usage](#usage)
 
-Installation
+   * [Run with URL (one-shot)](#run-with-url)
+   * [Interactive mode](#interactive-mode)
+   * [Help](#help)
+6. [Example Output](#example-output)
+7. [Payloads](#payloads)
+8. [Detailed Logging](#detailed-logging)
+9. [Legal Notice](#legal-notice)
+10. [Contributing](#contributing)
+11. [Contact](#contact)
+12. [License](#license)
+13. [Note](#note)
 
-Clone the repository: git clone https://github.com/ClumsyLulz/DScanner.git cd DScanner
-Install dependencies: pip install -r requirements.txt
-Make executable (Linux/Mac): chmod +x DScanner.py
-Optional - Install as command (Linux/Mac): sudo cp DScanner.py /usr/local/bin/DScanner sudo chmod +x /usr/local/bin/DScanner
+---
 
-Requirements
+## Overview
 
-Python 3.6+
-requests>=2.28.1
-beautifulsoup4>=4.11.1
-urllib3>=1.26.12
-See requirements.txt for details.
+DScanner is an exhaustive Drupal vulnerability scanner and exploitation tool built for Capture The Flag (CTF) competitions (e.g., DEFCON). It targets Drupal CMS with a massive payload library covering every known vulnerability up to **March 2025**, plus generic web and CTF-specific attack vectors.
 
-Usage
+Designed to outshine similar tools, DScanner focuses on speed, stealth, and thorough exploit coverage to help you find flags and win challenges.
 
-Run with URL
+**Author:** Taylor Christian Newsome
+
+---
+
+## Features
+
+* **Comprehensive vulnerability scanning** — Includes Drupal CVEs, SA-CORE advisories, and module-specific exploits up to March 2025.
+* **Massive payload library** — SQLi, XSS, RCE, LFI/RFI, XXE, SSRF, CSRF, file uploads, deserialization, command injection, path traversal, open redirect, session/auth bypass, and CTF flag hunting.
+* **Stealth capabilities** — Randomized user agents (including curl/wget), proxy support, and variable delays to reduce fingerprinting.
+* **Multi-threaded scanning** — Fast execution with up to **15 concurrent workers**.
+* **Detailed logging** — Forensic analysis written to `dscanner.log`.
+* **SSL/TLS checks** — Detects weak protocols and ciphers.
+* **CLI interface** — Supports `-u/--url` and `-h/--help` options for automation.
+* **CTF-ready** — Searches common flag locations (e.g., `flag.txt`, `.hidden/`, `backup/`).
+
+---
+
+## Requirements
+
+* **Python:** 3.6+
+* **Python packages (minimum):**
+
+  * `requests>=2.28.1`
+  * `beautifulsoup4>=4.11.1`
+  * `urllib3>=1.26.12`
+
+See `requirements.txt` for the complete dependency list.
+
+---
+
+## Installation
+
+```bash
+# Clone the repository
+git clone https://github.com/ClumsyLulz/DScanner.git
+cd DScanner
+
+# Install dependencies
+pip install -r requirements.txt
+
+# Make executable (Linux / macOS)
+chmod +x DScanner.py
+
+# Optional - Install as a system command (Linux / macOS)
+sudo cp DScanner.py /usr/local/bin/DScanner
+sudo chmod +x /usr/local/bin/DScanner
+```
+
+---
+
+## Usage
+
+### Run with URL (one-shot)
+
+```bash
 DScanner -u http://target.com
+```
 
-Interactive mode
+### Interactive mode
+
+```bash
 DScanner
-(Enter URL when prompted)
+# (Enter URL when prompted)
+```
+
+### Help
 
-Help
+```bash
 DScanner -h
-or
+# or
 DScanner --help
+```
 
-Example Output
+---
+
+## Example Output
+
+```
 Made By Taylor Christian Newsome
 DScanner 3.0.0 - DEFCON CTF Drupal Exploit Monster (March 2025)
 
@@ -64,33 +129,73 @@ DScanner 3.0.0 - DEFCON CTF Drupal Exploit Monster (March 2025)
 [EVIDENCE] Found: ['whoami']
 [DRUPAL-SPECIFIC CHECKS]
 [+] Drupal system block detected
+```
+
+---
+
+## Payloads
+
+DScanner ships with a large and diverse set of payloads and exploit techniques, including but not limited to:
+
+* **Drupalgeddon series:** CVE-2014-3704, SA-CORE-2018-002, SA-CORE-2018-004
+* **SQL Injection:** basic, blind, union, error-based, out-of-band
+* **XSS:** basic, SVG, event handlers, polyglots, filter bypasses
+* **RCE:** PHP `eval`, base64 payloads, file writes, reverse/interactive shells, Twig template exploits
+* **LFI / RFI:** null byte, filter streams, encoded payloads
+* **XXE:** file disclosure, network SSRF/XEE, blind XXE
+* **SSRF:** localhost, file, cloud metadata (e.g., AWS), gopher protocol tricks
+* **CSRF:** logout, admin creation, state-changing operations
+* **File Upload:** PHP shells, double extension tricks, null byte bypasses
+* **Deserialization:** PHP object injection, base64 encoded variants
+* **Command Injection:** pipes, encoded payloads, blind injection techniques
+* **Path Traversal:** Unix, Windows, encoded traversal payloads
+* **Open Redirect:** basic and encoded redirect payloads
+* **Session / Auth:** hijacking, bypass techniques, cookie tampering
+* **CTF-Specific:** targeted flag hunting (e.g., `flag.txt`, `.hidden/`, `backup/`)
+
+---
+
+## Detailed Logging
+
+All scan activity and forensic details are recorded to `dscanner.log` for later analysis and incident reconstruction.
+
+---
+
+## Legal Notice
+
+**DScanner is provided for educational and authorized testing purposes only**, such as Capture The Flag events (e.g., DEFCON). Unauthorized use against systems you do not own or do not have explicit permission to test is **illegal** and strictly prohibited. By using DScanner you agree to only test targets for which you have written authorization.
+
+---
+
+## Contributing
+
+Contributions are welcome. If you'd like to contribute:
+
+1. Fork the repository
+2. Create a feature branch: `git checkout -b feature/my-feature`
+3. Commit your changes: `git commit -m "Add some feature"`
+4. Push to the branch: `git push origin feature/my-feature`
+5. Open a Pull Request
+
+Alternatively, open an issue to discuss bugs, feature requests, or improvements.
+
+Repository: `https://github.com/ClumsyLulz/DScanner/`
+
+---
+
+## Contact
 
-Payloads
+* **GitHub:** [https://github.com/ClumsyLulz/](https://github.com/ClumsyLulz/)
+* **Author:** Taylor Christian Newsome
 
-Drupalgeddon series (CVE-2014-3704, SA-CORE-2018-002, SA-CORE-2018-004)
-SQL Injection: Basic, blind, union, error-based, out-of-band
-XSS: Basic, SVG, event handlers, polyglots, filter bypasses
-RCE: PHP eval, base64, file writes, shells, Twig exploits
-LFI/RFI: Basic, null byte, filter streams, encoded
-XXE: File disclosure, network, blind
-SSRF: Localhost, file, AWS metadata, gopher
-CSRF: Logout, admin creation
-File Upload: PHP shells, double extensions, null byte
-Deserialization: PHP objects, base64 variants
-Command Injection: Basic, pipes, encoded, blind
-Path Traversal: Unix, Windows, encoded
-Open Redirect: Basic, encoded
-Session/Auth: Hijacking, bypass, cookie tampering
-CTF-Specific: Flag hunting (flag.txt, .hidden/, backup/)
-Legal Notice
+---
 
-DScanner is for educational and authorized testing purposes only, such as DEFCON CTF. Unauthorized use against systems you do not own or have permission to test is illegal. Use responsibly.
+## License
 
-Contributing
+This project uses the MIT License. See the `LICENSE` file for details.
 
-Fork the repo, submit pull requests, or open issues at https://github.com/ClumsyLulz/DScanner/. All contributions welcome!
+---
 
-Contact
+## Note
 
-GitHub: https://github.com/ClumsyLulz/
-Author: Taylor Christian Newsome
+Payloads and vulnerability coverage include advisories and exploits known up to **March 2025**. Use DScanner responsibly and only in authorized environments.