zvilsec

Hello people, this time i will show you how to find a vulnerability of website using a tool named uniscan

Uniscan is a tool for test vulnerability of any website/blog from any attack of XSS, RFI, SQL injection, etc. Uniscan is a free and open source which is can be download for free. Uniscan was built using Perl.

Here it is a few steps for using this tool:

1. open your terminal

2. if you don't have this tool you can download by type apt-get install uniscan

3. Alright open uniscan by type uniscan

4. Then enter your target by typing

uniscan -u www.test.com --qweds

5. Now uniscan will find vulnerability of the website

6. if successful you will see the vulnerability URL of the site.

7. then execute with sqlmap

Fingerprint

Uniscan could show a fingerprint from the specific website. This command such as ping or traceroute the specific website. You can use this feature by typing
uniscan -u www.test.com -j or
uniscan -u www.test.com -g

Another Trick

Another trick is finding all domain on website using this tool by typing:
uniscan -i "ip:000.000.000.000"
change 000 with ip address of website

If you want to search using google dork with this  tool simply type:
uniscan -o 'googledork'


Thank you for using this tutor i hope you enjoy this.