HELLO,
In this topic, I will tell you about the Uniscan tool, which will identify vulnerabilities such as XSS, SQL, Upload on the target site and print the results found to you as reports to your terminal. Let's get to the point.
DISCOVERING VULNERABILITY AT TARGET SITE WITH UNISCAN TOOL
First we install our tool with the following command
We then type the following command to display the parameters available on the tool
The use of the tool is simply shown on the terminal as you can see in the image above.Now let's perform a scan on the target site.I'm entering the following command for this.I used only the -d parameter for practical expression.The scan can be customized with other parameters.the parameters used in general are as follows;
-u -->Specifies the site address
-d-->Performs quick browsing on site
-q-->Lists files that are open on site
-w-->Lists files on the site
-r-->Scans php information for the destination site
-e-->does robots.txt and sitemap.xml researchs
-s-->Prepares a comprehensive report after scan
When the scan is finished, it will be shown in the above fields if an existing open is found on the site.
We enter the following command at the command line to view scan reports
We can then view reports from the websites we've scanned by entering the following command.
When we browse any of the reports, it will be displayed in html format as follows
thank you, good forums
SOURCE :https://www.turkhackteam.org/web-se...araci-ile-web-sitelerinde-zafiyet-tarama.html
In this topic, I will tell you about the Uniscan tool, which will identify vulnerabilities such as XSS, SQL, Upload on the target site and print the results found to you as reports to your terminal. Let's get to the point.
DISCOVERING VULNERABILITY AT TARGET SITE WITH UNISCAN TOOL
First we install our tool with the following command
Kod:
apt-get install uniscan
We then type the following command to display the parameters available on the tool
Kod:
uniscan
The use of the tool is simply shown on the terminal as you can see in the image above.Now let's perform a scan on the target site.I'm entering the following command for this.I used only the -d parameter for practical expression.The scan can be customized with other parameters.the parameters used in general are as follows;
-u -->Specifies the site address
-d-->Performs quick browsing on site
-q-->Lists files that are open on site
-w-->Lists files on the site
-r-->Scans php information for the destination site
-e-->does robots.txt and sitemap.xml researchs
-s-->Prepares a comprehensive report after scan
Kod:
uniscan -u siteadresi.com -d
When the scan is finished, it will be shown in the above fields if an existing open is found on the site.
We enter the following command at the command line to view scan reports
Kod:
cd /usr/share/uniscan/report
We can then view reports from the websites we've scanned by entering the following command.
Kod:
ls
When we browse any of the reports, it will be displayed in html format as follows
thank you, good forums
SOURCE :https://www.turkhackteam.org/web-se...araci-ile-web-sitelerinde-zafiyet-tarama.html
Son düzenleme: