Scan website for vulnerabilities with Uniscan Kali Linux Tutorial
<3
Requirements:
- Kali Linux
- Uniscan (Comes Pre-Installed in Kali Linux)
(Y)
What is Uniscan ? Uniscan is a simple Remote File Include, Local File Include and Remote Command Execution vulnerability scanner that was written in Perl by Douglas Poerschke Roch.
Installing Uniscan
root@kali:~# apt-get install uniscan
listing usage: You can use command uniscan -h to list help options and display usage.
root@kali:~# uniscan -h
####################################
Uniscan project
http://uniscan.sourceforge.net/
####################################
V. 6.2
OPTIONS:
-h help
-u url example: https://www.example.com/
-f file list of url's
-b Uniscan go to background
-q Enable Directory checks
-w Enable File checks
-e Enable robots.txt and sitemap.xml check
-d Enable Dynamic checks
-s Enable Static checks
-r Enable Stress checks
-i dork Bing search
-o dork Google search
-g Web fingerprint
-j Server fingerprint
usage:
[1] perl ./uniscan.pl -u http://www.example.com/ -qweds
[2] perl ./uniscan.pl -f sites.txt -bqweds
[3] perl ./uniscan.pl -i uniscan
[4] perl ./uniscan.pl -i "ip:xxx.xxx.xxx.xxx"
[5] perl ./uniscan.pl -o "inurl:test"
[6] perl ./uniscan.pl -u https://www.example.com/ -r
Uniscan Usage Example
Open a new terminal and enter the following command this will start finger printing and scanning the target web server for vulnerabilities.
uniscan.pl -u http://www.example.com/ -qweds
Replace URL with target URL.
In this tutorial I will be running Uniscan using options – qwedsgj
uniscan.pl -u http://www.example.com/ -qwedsgj
What these options do.
-q Enable Directory checks
-w Enable File checks
-e Enable robots.txt and sitemap.xml check
-d Enable Dynamic checks
-s Enable Static checks
-g Web fingerprint
-j Server fingerprint
Uniscan GUI
Uniscan also has a GUI for those who prefer a graphical interface.
To access Uniscan-Gui we can use the following command from a new terminal.
