There lots of tools available on the Internet for both Windows and Linux platform who says they can scan website vulnerabilities. Lots of them are fake and some of them really work at a high level.
Also, there come some tools preinstalled in Kali Linux OS which are very good tools. But readers of our Blog are mainly students and the tools that come preinstalled in Kali Linux are quite difficult for them to begin a joyful Hacking journey.
That is why we've selected a tool among many tools called XAttacker. XAttacker is one of the best tools which are known as very good for scanning website vulnerabilities.
A Little About XAttacker
Xattacker tool is basically a Github tool written in Perl and created by Mohamad Riahi. The tool is containing lots of functions and all are very powerful. XAttacker is a website vulnerability scanner and as well as an Auto-Exploiter.
This tool can detect different vulnerabilities on different websites. You can put a list of websites in this tool and it will scan them one by one automatically.
If you're thinking of launching a website, you must use it for scanning your website for vulnerability. So that you can patch the vulnerabilities of your website and stay protected from hackers.
XAttacker is very easy to use and it will be very helpful for those learners who are very interested to become a pen-tester.
How To Configure XAttacker in Kali Linux
Fire up your Kali Linux machine and open the terminal. Now download/clone the tool to the Desktop from here. To clone the tool using the terminal follow the commands-
git clone 'copied URL' (without commas)
It will be cloned on the Desktop. Now go to the folder by the commands-
In the XAttacker directory, you will see a script named XAttacker.pl which is a simple script written in Perl language but very powerful. Now run the script by the command
In this step, the tool will ask you for the list of websites you want to scan for vulnerability. Create a list of websites in any text editor, name it and save the list. Now in the terminal choose the first option(i.e. yes) by typing 1 and hit enter.
Now it will ask you the path of the website list you've created before. Enter the path of the list. In our case, it is /root/Desktop/site.txt
In this step, the tool will begin to load the sites one by one automatically and start scanning. It will take a few minutes to complete the scanning for website vulnerability.
Congrats! you've successfully installed and configured XAttacker in your Kali Linux Machine.
There is a big role of these tools in the field of pen-testing and we should thank the creators of these kinds of tools. They really work hard for creating such types of tools.
If you have any confusion or problem regarding this tutorial, feel free to ask us in the comment box below. Keep your Hacking journey safe and stay legal.
This tutorial is only for educational purposes. Don't try it on the websites which are not owned by you. Do practice on your own property. We are not responsible for any kind of damages caused by you. Continue learning and stay legal.