Vulnerability Analysis

Vulnerability Analysis

OwScan

scan your website for vulnerabilities.find website applications vulnerabilities and fingerprint the target web application
Installation :
$ apt update && apt upgrade
$ apt install git
$ apt install php
$ git clone
 https://github.com/gameye98/owscan
$ cd owscan
$ chmod +x *
 usage :
$ php owscan.php
 enter target site for example : example.com. it gives you information related to your target site.

CMS Map

cms map is a tool used to find the vulnerabilities of website such as joomla,dripal,wordpress
 with the help of this tool we can scan our site vulnerabilities and fix it,and stay safe and secure
 execute these commands one by one to install.
Installation :
$ apt update
$ apt upgrade
$ apt install git
$ apt install python2
$ git clone
 https://github.com/Dionach/CMSmap.git
$ cd CMSmap
$ chmod +x *
usage :
$ python2 cms.py -h
[it shows all options how we can use this tool]

Click Jacking Scanner

this script scans target site is vulnerable for this attack
Installation :
$ apt update && apt upgrade
$ apt install git
$ apt install python2
$ apt install python
$ git clone
https://github.com/DV4inci/Clickjacking-tester
$ cd Clickjacking-tester
$ chmod +hm *
Now create here file.text file, in this file paste vcitem website and save it
usage :
$ python3 Clickjacking-tester.py file.text
Now it starts scanning if target is vulnerable then it shows you..

TM – Scanner

TM-scanner is simple python script. this tool for detecting vulnerabilities in websites
Installation :
$ apt update && apt upgrade
$ apt install git
$ apt install python2
$ apt install python
$ git clone
https;//github.com/TechnicalMujeeb/TM-scanner
$ cd TM-scanner
$ chmod +x *
$ sh install.sh
usage :
$ python2 tmscanner.py
select your option and enter target site[example.com]

AndroBug Framework

Androbug framework is used to check the android apps vulnerabilities
to find bugs in android application.
Execute these commands one by one to install.
Installation :
$ apt update
$ apt upgrade
$ apt install git
$ apt install python2
$ git clone https://github.com/AndroBugs/AndroBugs_Framework
$ cd AndroBugs_Framework
$ chmod +x *
 usage :
Now move your app to AndroBugs_Framework folder
for example :
mv app.apk /$HOME/AndroBugs_Framework/
$ python2 androbugs.py -f app.apk -o result.txt
above command is used to check app bugs..
app.apk = is your app name
result.txt = to store all information
It shows all bugs and vulnerabilities of your app
that’s it

SQLI Scan

Sqliscan by dork :
Installation :
$ apt update && apt upgrade
$ apt install git
$ apt install curl
$ git clone https://github.com/thelinuxchoice/sqliscan
$ cd sqliscan
$ chmod +x *
usage :
$ ./sqliscan.sh
Now enter your dorks it will start collecting all vulnerable sites related to your dork and also these sites saved in saved.txt file.

Commix

Automated All-in-One OS command injection and exploitation tool
can be used from web developers, penetration testers or even security
researchers in order to test web-based applications
with the view to find bugs, errors or vulnerabilities
related to command injection attacks.
Installation :
$ apt update && apt upgrade
$ apt install git
$ apt install python2
$ git clone https://github.com/commixproject/commix
$ cd commix
$ chmod +x *
usage :
$ python2 commix.py
Now it shows how you can use this too..
$ python2 commix.py -h
it shows all options…
$ python2 commix.py -u site.com
it shows all information….

WpSeku

wpseku = wordpress security scanner
we can find vulnerabilities in wordpress sites
this is very usefull tool
installation :
$ apt update
$ apt upgrade
$ apt install git
$ apt install python2
$ apt install python
$ git clone https://github.com/m4110k/WPSeku
$ cd WPSeku
$ chmod +x *
$ pip install -r requirements.txt
usage :
python wpseku.py
here all options are present to use this tool
example :
$ python wpseku.py –url http:target.com

RouterSploit FrameWork

RouterSploit Framework = scan the routers devices and check the vulnerabilities of Routers/Devices
and exploits by the using frameworks
it consists of many more powerful modules for penetration testing operations
RouterSploit installation:
Execute these commands one by one.
$ apt update
$ apt upgrade
$ apt install python
$ apt install python2
$ git clone https://github.com/reverse-shell/routersploit.git
$ cd routersploit
Now install These all packages step by step :
$ pip2 install -r requirments-dev.txt
$ pip2 install -r requirments.txt
$ pip2 install request
$ pip2 install requests
Run routersploit:
python2 rsf.py
rsf> show all
it’s shows all modules of rotersploit
rsf> use [module name]
it shows how you can use that module.

Nikto web server scanner

Nikto is a web server assessment tool.
It is designed to find various default and insecure files,
configurations and programs on any type of web server Installation:
$ apt update && apt upgrade
$ apt install git
$ apt install perl
$ git clone https://github.com/sullo/nikto
$ cd nikto
$ chmod +x *
usage :
perl nikto.pl -H
it shows all options how you can use this tool

Credmap-check Login Emails

Credmap is an open source tool that was created to
bring awareness to the dangers of credential reuse.
It is capable of testing supplied user credentials
on several known websites to test if the password
has been reused on any of these
Installation :
$ apt update && apt upgrade
$ apt install git
$ apt install python2
$ apt install python
$ git clone https://github.com/lightos/credmap
$ cd credmap
$ chmod +x *
usage :
$ $ python2 credmap.py -h
It shows all options to use this tool
$ python2 credmap.py –username king –email [email protected]
king = is username of email
[email protected] = this is email to check

Select the fields to be shown. Others will be hidden. Drag and drop to rearrange the order.
  • Image
  • SKU
  • Rating
  • Price
  • Stock
  • Availability
  • Add to cart
  • Description
  • Content
  • Weight
  • Dimensions
  • Additional information
  • Attributes
  • Custom attributes
  • Custom fields
Click outside to hide the compare bar
Compare
Wishlist 0
Open wishlist page Continue shopping