it's very easy to use, but very good in scanning.
First of all, open your
terminal and type this command: cd /pentest/web/uniscan &&
./uniscan.pl
Something like this will be printed on your terminal.
Now all we haveto do is follow the instructions.
First of all we need a target to scan,
I've chose one already and I will use it in my pictures.
To start the scan, first you have to check the options which you want
to use in your scan.
# HOW TO USE OPTIONS:
Check the letter beside your option, and include it after the URL like
this:
./uniscan.pl -u http://www.website.com/ -b -q -d -w or put them all
together. ./uniscan.pl -u http://www.website.com/ -bqdw
This will start your scan with all the different options you included.
NOTE:- NEVER FORGET THE FORWARD SLASH AT THE END OF THE
LINK IN THE COMMEND!!
Now the scan will start, and the terminal will look something like this:
This scan will scan for vulnerabilities like SQL-i / LFI / RFI and so on.
It also searches for Webshells, backdoors, PHP info disclosure, Emails,
and much more.
Here are some examples: PHP.info() disclosure: External Links/Hosts:
Source Code disclosure: Dynamic Scan, Vulnerability Identification:
This program can also get all the sites in a server, and then you will be
able to scan all of them.
To do that, run this command: ./uniscan.pl -i "ip:127.0.0.1" Change
127.0.0.1 to your target server. All the websites will be stored in
"sites.txt" in the same directory.
Now to scan those sites in the list, run this command: ./uniscan.pl -f
sites.txt -bqwd You can change the options to whatever you want.
Thats it guys
No comments:
Post a Comment