Darkjumper- Automatic Tool Tutorial
Web application security is a big issue for the administrator of different website and for the hosting provider. How it is a issue for web hosting provider? Well if one the website compromise than there is a chance to compromise all the website that hosted on the same server that has been compromised before.
There are several tools available for measuring the security of a website, the tools available for both Windows and Linux based operating system. Here is a comprehensive list of a tool that we have discussed before.
- Sandcat - Web Application Security Scanner
- Wapiti-Web application vulnerability scanner
- Netsparker- Free Web Application Security Scanner
- Websecurify- Website Security Testing Tool
- XSSer- Cross Site Scripting Penetration Tool
- Sqlmap- Automatic SQL Injection Tool
- And More
Now the main aim of writing this article is to introduce darkjumper, darkjumper is a tool that written on python and it has an ability to check every website that host at the same server of your target website. It can check the vulnerabilities on every website that host on the same server.
- Scan for SQL-I, Blind SQL-I, Local file inclusion and remote file inclusion on every website that host on the same server.
- CGI directory finding
- Auto injection
- Port Scanning
At the time of writing this Darkjumper V5.7 is available. Click here to download.
You need python to run darkjumper, first of all the basic thing is the help use help command to learn more about darkjumper.
- The second important command is
./darkjumper.py -t [target] -m reverseonly
- Reverseonly means means the tool only reverse the target IP no checking for bug. Now if you want to check SQL-I bug use this command.
./darkjumper.py -t [target] -m injection
- For RFI and LFI use
./darkjumper.py -t [target] -m inclusion
- For both injection and inclusion use
./darkjumper.py -t [target] -m full
Darkjumper- Automatic Tool Tutorial Reviewed by Ethical Hacking on 11:08 AM Rating: