vulnerability scanning using BACKTRACK 5


BackTrack 5: Using w3af to scan the web for vulns

 THIS IS FOR EDUCATIONAL PURPOSE ONLY !
If you using BackTrack then it'll be much easier for you cause in BT w3af is already installed so lets get started !


For BackTrack users
Go to Application > BackTrack > Exploitation > Web Exploitation tools => w3af gui . Click on w3af gui , a window will apear and there is your w3af.BackTrack 5: Using w3af to scan the web for vulns
For Windows
You have to install in manually if you using windows . You can download it fromHERE When download is completed extract it and you'll find the installation file there. Install it
Using w3af
Now its time to use w3af , its pretty easy. When you start w3af you'll see a window like :BackTrack 5: Using w3af to scan the web for vulnsThere is a Target text field , you have to enter the URL of the target website there . Below that there is a Plugin and Active tabs . After entering the URL of the website , you have to select the Scan type by selecting those plugins . More plugin you select , more will be the time to scan. Select the Scan type and press the play button above .
Getting the results
When the scan is running or finished , you'll see a window like :BackTrack 5: Using w3af to scan the web for vulnsCan you see the lower right corner , there are 3 pointers with some signs and with numbers 2 0 0 . Those are vulnerabilities no. . If you get numbers on 2nd pointer then you'll have a high rate of success.BackTrack 5: Using w3af to scan the web for vulnsNow go to Results . There you'll find the result of the scan . Above window is Exploits window , if you see anything on middle panel then the site is more vulnerable. Now when you have the vulnerabilities , you can exploit that according to your choice . 

1 comment:

  1. i want to learn hacking right now i am learning ethical hacking but i wont to know more pleas3e contact me on mark.victor2310@gmail.com

    ReplyDelete