Scan for website vulnerabilities using Uniscan tool in Kali Linux

In today's world, the security of any system is getting a better form but the clever hackers always pull out the vulnerabilities of systems. In this tutorial, we're gonna cover the setup and all about the uniscan tool which is used widely by hackers and pen-testers to do penetration testing to find website vulnerabilities.

Some of you might know about the ways of finding website vulnerabilities and some of you have not but its okay because this tutorial gonna teach you a way of finding website vulnerability using Kali Linux.

A Little About Uniscan

The uniscan tool comes with both terminal and GUI version. You can use any of them with which you're comfortable. Uniscan offers many parameters to users. stress check, directory check, google dork search and more. It is a very powerful tool and easier to use. This quality made this tool popular among hackers and wannabes. The tool is written in Perl language. If you don't have the tool in your Kali Linux Machine, download it from here. So let's move to the tutorial.

Setup And Using Tutorial:

For the terminal version:

First, open up the terminal and type uniscan and hit enter. It will show up all the available parameters you can use.


Scan for website vulnerabilities using Uniscan tool in Kali Linux-crackitdown

How to select the options? Just simply type uniscan -'the letter against the option' 'the url' without the commas. (ex: uniscan -q https://www.example.com)

Let's have an example of one of these parameters. Here we're gonna check the files of hackthissite.com. The image below shows how the uniscan works.


So the scanning has been finished and the report automatically saved in the report folder. The giving the path of the report below the scan. So let's follow the path. 

Open Folders> Other Location> Computer> usr> share> Uniscan> report. 


Scan for website vulnerabilities using Uniscan tool in Kali Linux-crackitdown

Inside the report folder, you will see an HTML file named with the name of the website you have scanned. The image above shows how it saves.

For the GUI version:

To open the GUI version give the command uniscan-gui and hit enter. It will open up the GUI version.

The use of the GUI version is same as the terminal version. Just specify the target in the URL box and check the parameters you want to perform on the target and click on the start scan button.


Scan for website vulnerabilities using Uniscan tool in Kali Linux-crackitdown

After finishing scanning click on open log file button to get access to the log. To get the reports follow the same path that you have followed in the terminal version.

Tip:

If you don't want to use your site to do the test, use HackThisSite to do a test on it. You can perform any practical on this site freely and legally. But they have also some condition. Read them before using the site. The site is built by Infosec.

Warning: 

The tool sends many queries to scan different sections of targets. If the authority/owner of the target detects that unusual traffic is coming to their site from your system then they can trace you back. Anonymize yourself before using any kind of tool. We do not prefer you to do anything on other's property. Do practical on your property. Be safe and don't get caught. Hack the world to protect the world. Be with us to make friends with us. You're valuable for us. If you're facing any issue using the tool feel free to comment us below describing your problem. Our team is always here for you. 
Admin
Admin

Authored By Crack It Down Team.
A team of crackers by the heart and passionate technical helpers by mind. We work as tech help provider in various online platforms. Life Motto: Hack the world to create the world in a new way.

No comments:

Post a Comment

Leave us a comment. Your comment is valuable to us.