Web Based Vulnerability Scanning

hacking

(StepBack) #1

Hello guys.Before tell my problem i want to introduce myself.I am student at Computer Science department.I am interested in Security and Programing so I am coding python for months.I wrote lots of script about security(Port Scanner , DDOS , Reverse Shell etc.).This year i want coding Web Based Vulnerability Scanning with Django like a Nessus , OpenVas.
My project is working you enter your target ip address to my project then it will work.When scanning finish it will show you all vulnerability.That’s all.But i must ask you some questions.

  1. What module should i use ?

  2. Should i use Django ?

  3. Is there any book you suggest me ?

(English is my second language sorry if i wrote wrong ).


(zief four) #2
  1. I dont know about module you used… but i think you can look at source code at github about function or libraries you need.
  2. I don’t know… i’m not good at python and can’t give any advice about it.
  3. OWASP TOP 10 is standard used in pentest, you can start from there

(707) #3

Ok so… I suggest you look at other Web Scanners specifically Nikto since I believe this is what you’re looking at. Looking at other source code could help, but despite this, nikto is written in Perl so if you need any help please either throw a PM to me @Techno_Forg or throw a PM to @nugget. Nikto basically using OpenSSL Library in Perl to perform most of its audits and also I believe uses a Database (correct me if I’m wrong). It’s outdated but… it could work.

Here’s the site:

https://cirt.net/Nikto2

and here’s the source code:

Hope that helps. Cheers!

–Techno Forg–


(StepBack) #4

Thank you for helping.I am searching and learning new module.If i face any problem i will send message you :slight_smile:


(system) #5

This topic was automatically closed after 30 days. New replies are no longer allowed.