Today we are going to learn about security scanning of web application or website using inbuilt tools and software’s available in Kali Linux.
Kali Linux is an open-source, Debian-based Linux distribution geared towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering.
Kali Linux website: https://www.kali.org/
We will explore two software packages for security scanning of a website or web application.
1. WPScan – The WPScan CLI tool is a free, for non-commercial use, black box WordPress security scanner written for security professionals and blog maintainers to test the security of their sites. The WPScan CLI tool uses our database of 22,815 WordPress vulnerabilities.
WPScan Website: https://wpscan.com/
2. OWASP Zed Attack Proxy ( ZAP) – The world’s most widely used web app scanner. Free and open source. Actively maintained by a dedicated international team of volunteers.
ZAP Website: https://www.zaproxy.org/
I hope you enjoy the video, Please let me know your questions and queries in comment section.