As there are so many different articles and tools has been posted on web application security, this article will also cover some about penetration testing on web application, the web administrator must check their websites for most type of web site attack, because it is a rising problem for websites.
Gamja will find XSS(Cross site scripting) and SQL Injection weak point also URL parameter validation error. Who knows that which parameter is weak parameter? Gamja will be helpful for finding vulnerability[ XSS , Validation Error , SQL Injection].
Just like other open source tools Gamja is no longer be updated by the author but it is still a good choice to use, because it is free and it based on perl scripting, so there is no limitation of Operating system. If you are using Unix like system like Linux or BSD or if you are using Windows based system, in both case your can run gamja because it needs a perl program.
- Requirement for running gamja is perl, you can download active perl from here.
- After this open CMD (for windows) and Terminal (for linux), than locate the directory where you have downloaded gamja.
- Now type “Perl gamja.pl” without commas, you will get some help on how to use gamja.
- Now its time to check web application for vulnerabilities, type “perl gamja.pl http://www.target.com/index.php” without comma.
- It will create a HTML report file on the same directory open it and see the vulnerabilities.