Info BackTrack

Linux & Security Tutorial

./WebSploit Toolkit


Sedikit saya jelaskan tentang WebSploit Toolkit🙂

./Websploit toolkit adalah proyek opensource buatan Fardin Allahverdinazhand, yang berfungsi untuk :

  • Autopwn – Used From Metasploit For Scan and Exploit Target Service
  • wmap – Scan, Crawler Target Used From Metasploit wmap Plugin
  • format infector – inject reverse & bind payload into file format
  • phpmyadmin – Search Target phpmyadmin login page
  • lfi – Scan, Bypass local file inclusion Vulnerability & can be bypass some WAF
  • apache users – search server username directory (if use from apache webserver)
  • Dir Bruter – brute target directory with wordlist
  • admin finder – search admin & login page of target
  • MLITM Attack – Man Left In The Middle, XSS Phishing Attacks
  • MITM – Man In The Middle Attack
  • Java Applet Attack – Java Signed Applet Attack
  • MFOD Attack Vector – Middle Finger Of Doom Attack Vector
  • USB Infection Attack – Create Executable Backdoor For Infect USB For Windows
Nah yang saya suka dari toolkit ini adalah cara kerjanya seperti CLI Project yang penggunaannya sangat mudah🙂 untuk menscan suatu web ato jaringan yang Vulnerability.
How to Install WebSploit in Backtrack 😀
silahkan download :

http://sourceforge.net/projects/websploit/files/

lalu extrak file rar tersebut didalam direktory

/pentest/web/

nah sekarang buka di terminal untuk eksekusi programnya🙂


lindo@laptop:~# cd /pentest/web/websploit
lindo@laptop:/pentest/web/websploit# ./websploit
[/sourcecode

nah saya coba running dulu dalam mode :

[1]WebSite Attack Vector Scanners,Crawlers For WebSite

oke, mungkin itu aja yang bisa saya sampaikan. semoga dapat bermanfaat untuk para pentester🙂

Sumber

Artikel Terkait:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: