Wednesday 1 May 2013

How to find a Vulnerable Website?



How to find a Vulnerable Website?

Web page Security is a significant problem these days and should be a concern in any company or a website owner, Now a times Online hackers are focusing a lot of their initiatives to discover gaps in a web program, If you are a website owner and having a Great Page ranking and Great Traffic then there is a chance that you might be a sufferer of these Online hackers.
Few in the past their persisted no proper resources search for weeknesses, but now a times you will find loads of resources available through which even a beginner can discover a insecure website and start Hacking


 Typical Techniques used for Web page Hacking

There are lots of techniques that can be used to crack a website but most usual ones are as follows:


1.SQL Injection
2.XSS(Cross Site Scripting)
3.Remote Computer file Inclusion(RFI)
4.Directory Traversal attack
5.Local Computer file inclusion(LFI)
6.DDOS attack

I have described some of these techniques in my publish "Common ways to crack a website"
Tools widely used to discover a insecure website

Acunetix

Acunetix is one of my preferred device to discover a venerability in any web program It instantly assessments your web programs for SQL Hypodermic injection, XSS & other web weaknesses.


Download Acunetix Web Security Scanner 

Nessus

Nessus is the best unix venerability testing tool and among the best to run on windows. Key features of this software include Remote and local file securitychecks a client/server architecture with a GTK graphical interface etc.

Download Nessus from the link below
http://www.nessus.org/download

Retina-

Retina is another Vulnerability Assessment tool,It scans all the hosts on a network and report on any vulnerabilities found.

Download Retina from the link below
http://www.eeye.com/downloads

Metasploit Framework 

The Metasploit Framework is the open source penetration testing framework with the world's largest database of public and tested exploits.

Download Metasploit 

No comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...