Hello guys, today I'm gonna show you how to scan for vulnerabilities in a website, or all the websites in the server. In this tutorial I will use a program in KALI LINUX called UNISCAN. it's very easy to use, but very good in scanning. First of all, open your terminal and type this command:
root@localhost: ~# uniscan
Something like this will be printed on your terminal. Now all we have to do is follow the instructions. First of all we need a target to scan, I've chose one already and I will use it in my pictures. To start the scan, first you have to check the options which you want to use in your scan. # HOW TO USE OPTIONS: Check the letter beside your option, and include it after the URL like this:
root@localhost: ~# uniscan -u www.facebook.com -qweds
This will start your scan with all the different options you included.
NOTE:- NEVER FORGET THE FORWARD SLASH AT THE END OF THE LINK IN THE COMMAND!!
Now the scan will start, and the terminal will look something like this:
This scan will scan for vulnerabilities like SQL-i / LFI / RFI and so on. It also searches for Webshells, backdoors, PHP info disclosure, Emails, and much more. Here are some examples: PHP.info() disclosure:
External Links/Hosts:
Source Code disclosure:
Dynamic Scan, Vulnerability Identification:
root@localhost: ~# uniscan
Something like this will be printed on your terminal. Now all we have to do is follow the instructions. First of all we need a target to scan, I've chose one already and I will use it in my pictures. To start the scan, first you have to check the options which you want to use in your scan. # HOW TO USE OPTIONS: Check the letter beside your option, and include it after the URL like this:
root@localhost: ~# uniscan -u www.facebook.com -qweds
This will start your scan with all the different options you included.
NOTE:- NEVER FORGET THE FORWARD SLASH AT THE END OF THE LINK IN THE COMMAND!!
Now the scan will start, and the terminal will look something like this:
This scan will scan for vulnerabilities like SQL-i / LFI / RFI and so on. It also searches for Webshells, backdoors, PHP info disclosure, Emails, and much more. Here are some examples: PHP.info() disclosure:
External Links/Hosts:
Source Code disclosure:
Dynamic Scan, Vulnerability Identification:
0 comments:
Post a Comment