• We just launched and are currently in beta. Join us as we build and grow the community.

Vooki – Perfect Web Application Vulnerability Scanner for Windows

Nikit_OS

Syntax Tree Analyzer
N
N Rep
0
0
0
Rep
0
N Vouches
0
0
0
Vouches
0
Posts
88
Likes
195
Bits
0
2 MONTHS
2 2 MONTHS OF SERVICE
LEVEL 1 400 XP
Black-and-White-Paper-Zine-Fashion-Influencer-YouTube-Thumbnail-Set.png


Hey Folks, in this tutorial we are going to talk about an window based web application vulnerability scanner called “vooki“. It is a free web application vulnerability scanner which gives us a perfect scan report about the scanned networks, applications. It is a user-friendly tool that you can easily scan any web application and find security vulnerabilities. Vooki scanner helps in finding such vulnerability in web application.

Vulnerability
  • SQL Injection.
  • Command Injection.
  • Header Injection.
  • Cross-site scripting – reflected.
  • Cross-site scripting – stored.
  • Cross-site scripting – dom based.
  • Missing security headers.
  • More.

Let’s take a look 😛 !!

Installation

If you are looking for a web application scanner for a window or mac operating system then you can go with it as it is available for both which you can download from here.

1-30.png


The installation of this tool in both operating systems is quite simple as you can easily configure it in your system by pressing enter 3 to 4 times.

2-29.png


In this tool you get the following options out of which we will try with basic scan first.

3-30.png


Here we have to enter the URL of the target web application that we want to scan.

4-27.png


Hmm 🙂 !! After clicking on “start Scan” button the vooki bar will be activated in which we can see all the details that it has found.

5-25.png


Results 🙂 !! After closing the vooki bar you will redirect to the results page where you can see all the results of the current or previous scans. In this tab we find some sensitive locations of web application.

6-27.png


Great 🙂 !! It looks impressive as you can see that it automatically finds all the vulnerabilities available in the web application as well as it classifies them based on the impact.

7-22.png


You can also intercept the request and response which is the same feature that we find in the burpsuite tool. Amazing :p !!

8-21.png


Also we can crawl any web application to get some sensitive files or locations.

9-18.png

Domain and Host Scanner

Through this feature we can get different information about the target such as whois information, open port, DNS etc. for which we need to enter the domain name or host address.

10-15.png


You can see almost all the necessary details about the target web server.

11-12.png


Also we can see all the services running on the target web server but not in depth.

12-10.png


This tool has another interesting encoding / decoding feature through which we can easily decode our hashes and encode plain text during penetration testing.

13-9.png


That’s all in this tutorial and we hope that now after reading this article from top to bottom you can control this tool very easily.

About the AuthorShubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.
 
You must log in or register to reply here.

422,212

310,551

310,560

A Ahmad19979
Top