Gamja-Web Vulnerability Scanner

As there are so many different articles and tools has been posted on web application security, this article will also cover some about penetration testing on web application, the web administrator must check their websites for most type of web site attack, because it is a rising problem for websites.

The most famous web application attacks are SQL-injection and cross site scripting.
Gamja will find XSS(Cross site scripting) and SQL Injection weak point also URL parameter validation error. Who knows that which parameter is weak parameter? Gamja will be helpful for finding vulnerability[ XSS , Validation Error , SQL Injection].   

Just like other open source tools Gamja is no longer be updated by the author but it is still a good choice to use, because it is free and it based on perl scripting, so there is no limitation of Operating system. If you are using Unix like system like Linux or BSD or if you are using Windows based system, in both case your can run gamja because it needs a perl program.

Tutorial
  • Requirement for running gamja is perl, you can download active perl from here. 
  • After this open CMD (for windows) and Terminal (for linux), than locate the directory where you have downloaded gamja.
  • Now type “Perl gamja.pl” without commas, you will get some help on how to use gamja. 

  •  Now its time to check web application for vulnerabilities, type “perl gamja.pl http://www.target.com/index.php” without comma.
  • It will create a HTML report file on the same directory open it and see the vulnerabilities.




Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Become a spy in your own right with Xnspy Android spying app

Having become widely popular among parents and employers, spying apps have become quite the norm nowadays. Android spying apps have made it a lot...

e-Services Portals Potentially Expose Government Infrastructure to File-based Attacks

More and more users are embracing technology to perform their day-to-day activities. It’s not only private businesses that are forced to establish digital channels...

What is Nmap? How to use Nmap for Information Gathering

Nmap stands for Network Mapper, a powerful network scanning and host detection tool that is being used to perform reconnaissance in a very first...

Digital Forensics Investigation using Autopsy In Kali Linux

Autopsy is one of the digital forensics tools use to investigate what happened on a computer. It offers a GUI access to variety of...