Sunday, 6 August 2017

How to secure the website by finding the Website's Vulnerabilities using Kali Linux?

Hello Friends, today we will know how to find websites' vulnerabilities? First of all, why do you need it? So friends, its main two uses , First, to secure the website and second, to hack the website.Ethical hackers find the drawbacks of the website and make it secure, And the same black hat hacker hacks the website by finding those vulnerabilities.To perform this process you will need kali Linux OS. As you all know, Kali Linux is one of the best passion operating systems of white hat hackers, security researchers and pentester. It offers advanced penetration testing tool and its ease of use.  If you are beginning an ethical hacking or you want to learn to find a website vulnerabilities, then read this post to the last.

how to find websites' vulnerabilities@myteachworld.com


How To Find  Website Vulnerabilities Using Kali Linux [Step by Step follow me]

I'll tell you about a very popular tool called uniscan which is installed by default in kali linux operating system.It is a web vulnerability scanner and It is very powerful tool. And the best thing about this uniscan tool is ,you can use this tool as CLI (command line interface) or GUI (graphical user interface) mode.

READ MORE:


Method1: Command Line Interface(CLI)

Step1; Friends, first you open the terminal window in your Kali linux machine.

Step2; Now type the command uniscan in the terminal window of  Kali linux , and hit enter button.

Step3; Now you will see that the whole detail will be seen in front of you, you found many options or feature of uniscan tool for example enable directory check,enable file check,robot.txt check,enable static change etc.

how to find websites' vulnerabilities@myteachworld.com


Basic scan of a website:

Step4; Friends like I have to  scan of a website named www.myteachworld.com then simply execute this command unscan -u http://www.myteachworld.com .

how to find websites' vulnerabilities@myteachworld.com


Step5; Now you will get the basic details of the website, such as domain name, server, ip, Also these information are saved in the uniscan report folder ,the path of report folder given on the screen. 

Step6; By typing the command given below, you can see the report of the website.
Command:
cd /usr/share/uniscan/report      (hit enter button)

how to find websites' vulnerabilities@myteachworld.com

then type ls command . you can see the list of folder . and again type the command given blow.
Command:
firefox www.myteachworld.com.html    (Your case may be your website.)

how to find websites' vulnerabilities@myteachworld.com


Deep scan of a website:

Step1; You know the information of that website www.myteachworld.com in detail then you need to execute this command unscan -u http://www.myteachworld.com -qwtds and press enter button.
Note: here  -q To check the directory of that website, w to check the file's website, e to check website's sitemap and robot text, after that d for dynamic check and s for static check.
Step2; Now the uniscan tool will start to scan the full website in depth, and provide you full detail about that website such as which php version is used, emails are using  on that site or not,external host, msql is vulnerable or not ,and many more detail and option will get.

Step3; Now All the information is saved in the report folder automatically. 


Method2: Graphical User Interface(GUI)

Friends, this is a very good tool, because we can work with this tool in gui mode. Many people who feel boring to work on cli mode, but both are necessary for an ethical hacker.

Step1; First you open the terminal window of Kali linux.

Step2; Now then simply execute this command uniscan-gui and hit enter button. You will now see that the gui mode of uniscan tool is open in front of you.


Step3; Now you can enter the url of the site which you want to scan .And there are many more option you can choose.

      In the same way you can easily check Vulnerabilitie of any website easily.
So friends this is the end of the article ,if you like this post please share it your friends.If you face some problem in any steps please drop your email by going to contact us section of this site. thank you so much ,stay tune with this blog and blog's admin Mr. Aditya Singh

No comments:

Post a Comment