Tulpar – Web Vulnerability Scanner Tool
Tulpar tool is an automated cyber security tool that is used to gather basic information about the target domain along with this. Tulpar tool is also used in the phase of Vulnerability Scanning. This tool can find security flaws like XSS, SQL Injection, Command Injection, and many more. Tulpar tool is developed in the Python Language and is available on the GitHub platform. We can also get the list of open ports on the target domain through its port scanner option. This tool is very much helpful for security researchers in the process of Penetration Testing.
Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process: Python Installation Steps on Linux
Installation of Tulpar Tool on Kali Linux OS
Step 1: Use the following command to install the tool in your Kali Linux operating system.
git clone https://github.com/anilbaranyelken/tulpar.git
Step 2: Now use the following command to move into the directory of the tool. You have to move in the directory in order to run the tool.
Step 3: You are in the directory of the tulpar. Now you have to install a dependency of the tulpar using the following command.
sudo pip3 install -r requirements.txt
Step 4: All the dependencies have been installed in your Kali Linux operating system. Now use the following command to run the tool and check the help section.
python3 tulpar.py --help
Working with Tulpar Tool on Kali Linux OS
Example 1: Basic Information Collection about the target domain
python3 tulpar.py full testphp.vulnweb.com
We have got the basic information about the target like DNS details, Expiration Date and many more.
Example 2: Testing SQLi Security Flaw
python3 tulpar.py sql http://testphp.vulnweb.com/listproducts.php?cat=1
We are testing the target domain for SQLi Injection security flaw.
Tool is testing the domain with various combinations of SQLi payloads.
Example 3: Port Scanning
python3 tulpar.py portscanner testphp.vulnweb.com
We have got the list of open ports on the target domain.