Whatweb – WEB APPLICATION ANALYSIS TOOLS

Overview

  • To analyze different web technologies used by the website
  • It analyzes the website headers and JavaScript libraries

How to use it

In Kali linux 2, run the following command:

whatweb -v <website target>

01.png

The output result is easy to read and verify by testers

002.png

Advertisements

Skipfish – Web application analysis tools

Overview

  • http://tools.kali.org/web-applications/skipfish
  • Web application scanner tool
  • Used for reconnaissance and build sitemap for the target website by using a recursive crawl and prebuild dictionaries (wordlists)
  • Generate graphical output as HTML file
  • Display Number of packets and HTTP connections sent
  • Help to identify common security risks like SQL injection and XSS flaws
  • Check SSL certificate validity
  • Can be used with Http authentication

How to use it

In Kali linux 2, run the following command:

Skipfish -h to lists its options

Skipfish -o <output location> <website target>

01.png

02.png

To end the scan before finish, type Ctrl+C

The output result in index.html file is easy to read and verify by testers

03.png