How to Install BlackDir-Framework in Linux?
Vulnerability scanning is the process of discovering, analyzing, and reporting on security flaws and vulnerabilities. Vulnerability scans can be run frequently on assets to find known vulnerabilities are detected and patched. The vulnerability scanning process can be performed in Automated and Manual ways. In the Automated way, various automated scripts or tools provide the Vuln Scan process from beginning to end. At the final stage, you get the report of detected vulnerabilities and the impact of exposure. BlackDir-Framework is a suite that helps the penetration testers with Vulnerability Scanning. BalckDir-Framework is an automated tool designed in the Python language. This Framework supports various vulnerability scanning such as XSS, SQL, HTML Injection, etc. Along with Vulnerability detection, this Framework allows gathering information about the target domain.
Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process: Python Installation Steps on Linux
Features of BlackDir-Framework
- BlackDir-Framework allows automated Vulnerability Scanning.
- BlackDir-Framework supports XSS, SQL, HTML Injection vulnerabilities scanning
- BlackDir-Framework is an open-source tool and free to use.
- BlackDir-Framework gathers the port information about the target.
- BlackDir-Framework gathers the associated subdomains of the primary domain.
- BlackDir-Framework supports the Brute Force WordPress feature.
- BlackDir-Framework supports Hash Encryption like [md4,md5,sha1,sha256,sha384,sha512].
Installation of BlackDir-Framework Suite in Kali Linux OS
Step 1: Check whether Python Environment is Established or not, use the following command.
Step 2: Open up your Kali Linux terminal and move to Desktop using the following command.
Step 3: You are on Desktop now create a new directory called BlackDir-Framework using the following command. In this directory, we will complete the installation of the BlackDir-Framework tool.
Step 4: Now switch to the BlackDir-Framework directory using the following command.
Step 5: Now you have to install the tool. You have to clone the tool from Github.
git clone https://github.com/RedVirus0/BlackDir-Framework.git
Step 6:The tool has been downloaded successfully in the BlackDir-Framework directory. Now list out the contents of the tool by using the below command.
Step 7: You can observe that there is a new directory created of the BlackDir-Framework tool that has been generated while we were installing the tool. Now move to that directory using the below command:
Step 8: Once again to discover the contents of the tool, use the below command.
Step 9: Download the required packages for running the tool, use the following command.
pip3 install -r requirements.txt
Step 10: Now we are done with our installation, Use the below command to view the help (gives a better understanding of tool) index of the tool.
python3 BlackDir.py -h
Working with BlackDir-Framework on Kali Linux OS
Example 1: Spidering the Target
python3 BlackDir.py --spider http://geeksforgeeks.org
1. In this example, We will be spidering our Target domain geeksforgeeks.org for some sensitive directories or files hosted on the webserver.
Example 2: Enumerating Subdomains
python3 BlackDir.py --subdomain geeksforgeeks.org
1. In this example, We will be Enumerating Subdomains associated with the main domain geeksforgeeks.org.
Example 3: Checking XSS Vulnerability
python3 BlackDir.py --xss "http://vulnweb.com/search.php?test=query"
1. In this example, We will be testing the target domain for the XSS vulnerability flaw. Our target is http://vulnweb.com/search.php?test=query.
python3 BlackDir.py –xss “https://practice.geeksforgeeks.org/topic-tags/?ref=shm”
BlackDir-Framework suite is a complete all-in-one bundle that provides the Vulnerability Scanning and the Information Collection of the Target domain. We can even use Google Dorking for Advanced searches. This suite also supports reverse IP Lookup, Port Scan, Subdomain Enumeration. So we can use this Suite for Vulnerability Scanning and along with the Information Gathering phase.
Please Login to comment...