Webshag is a multithreaded, multiplatform, web server audit tool.
It can be used for:
It can be used for:
- Port scanning
- Web scanning
- URL scanning
- File Fuzzing
- Retrieving Domain Name list
To open up Webshag on Backtrack 5(GNOME) go to :
BackTrack > Vulnerability Assessment > Web Assessment > webshag-cli
You can also get webshag as a visual interface tool...
But in this case we will not be using it as a visual interface tool, we will be seeing it on a console window.
Once, you have opened up webshag, see the options,
–version show program’s version number and exit
-h, –help show this help message and exit
-U Update the URL scanner databases and exit
-m MODULE Use MODULE [pscan|info|spider|uscan|fuzz]. (default: uscan)
-p PORT Set target port to PORT. For modules uscan and fuzz PORT can
be a list of ports [port1,port2,...]. (default: 80)
be a list of ports [port1,port2,...]. (default: 80)
-r ROOT Set root directory to ROOT. For modules uscan and fuzz ROOT
can be a list of directories [/root1/,/root2/,...].
(default: /)
can be a list of directories [/root1/,/root2/,...].
(default: /)
-k SKIP *uscan only* Set a false positive detection string
-s SERVER *uscan only* Bypass server detection and force server as
SERVER
SERVER
-i SPIDER_INIT *spider only* Set spider initial crawling page (default: /)
-n FUZZ_MODE *fuzz only* Choose the fuzzing mode [list|gen]. (default:
list)
-n FUZZ_MODE *fuzz only* Choose the fuzzing mode [list|gen]. (default:
list)
-e FUZZ_CFG *fuzz / list only* Set the fuzzing parameters for list mode.
11 = fuzz directories and files; 01 = fuzz files only; 10 =
fuzz directories only; 00 = fuzz nothing. (default: 11)
11 = fuzz directories and files; 01 = fuzz files only; 10 =
fuzz directories only; 00 = fuzz nothing. (default: 11)
-g FUZZ_GEN *fuzz / gen only* Set the filename generator expression.
Refer to documentation for syntax reference. (default: )
Refer to documentation for syntax reference. (default: )
-x Export a report summarizing results.
-o OUTPUT Set the format of the exported report. [xml|html|txt].
(default: html)
(default: html)
-f OUTPUT_FILE Write report to FILE. (default: webshag_report.html)
To get help type in: ./webshag_cli.py -h
To use port scan,
Syntax :
./webshag-cli -m pscan
_________________________________________________________________________________
Now, is the best part, the Spider Module,
it helps you to get and extract all the directory names, external website links, email addresses, etc. and crawl the website.
Syntax:
./webshag_cli.py -m spider -p 80 / < target-ip >
_________________________________________________________________________________
You can also use the URL scanner:
Syntax:
./webshag_cli.py -m uscan < target-ip >
_________________________________________________________________
The other options are for you all to discover and believe me, it is very easy.
Do you need to increase your credit score?
ReplyDeleteDo you intend to upgrade your school grade?
Do you want to hack your cheating spouse Email, whatsapp, Facebook, instagram or any social network?
Do you need any information concerning any database.
Do you need to retrieve deleted files?
Do you need to clear your criminal records or DMV?
Do you want to remove any site or link from any blog?
you should contact this hacker, he is reliable and good at the hack jobs..
contact : cybergoldenhacker at gmail dot com