JoomScan
..:: Is a Vulnerability Scanning Tool ::..
Introduction
Joomscan is the CMS Vulnerability Identification Tool .
This tool is created by YGN Ethical Hacker Group from Myanmar(Burma).
Joomscan is used to find the vulnerability in the websites .
Joomscan helps the developer to find the weaknesses in the websites .
Joomscan is a signature based scanner which can detect the XSS/CSRF, sql injection etc on the target website .
How to open Joomscan on Backtrack 5
Follow : Backtrack > Vulnerability Assessment > Web Assessment > CMS Vulnerability Identification Tool > joomscan
How to Use joomscan
When you open joomscan , it will look like this image (shown below)
The above image shows the syntax and the options
Some more options like check ,update, about and read (shown above)
In the above image ,we are giving the command : ./joomscan -u < target url >
Example : ./joomscan.pl -u www.plusline.org as shown in the image above .
Here ./joomscan.pl : used to start the joomscan -u : used for url
Here it shows the Server name , checking for Anti-Scanner measure
In this image ,it shows fingerprinting and the XSS/CSRF Vulnerability
- At last ,it shows the report how many vulnerable points in the website .
- This is how we can use this tool .
Không có nhận xét nào:
Đăng nhận xét