Open In App

Vulmap – Web Vulnerability Scanning And Verification Tools

Last Updated : 14 Sep, 2021
Improve
Improve
Like Article
Like
Save
Share
Report

Vulnerability Scanning is the process of testing the target domain for various vulnerabilities in Web containers, Web servers, Web middleware, and CMS, and other Web programs, and has vulnerability exploitation functions. Testing each CVE against the target domain manually is not possible as manual testing takes a lot of time. So automated testing is the approach through which we can test the different CVEs against the target domain more quickly. Vulmap is an automated script developed in the Python Language which tests for various CVEs against the target domain. Vulmap is open-source and free to use the tool. Vulmap supports the testing of multiple target domains parallelly. Vulmap supports saving the results in the text and JSON format for further uses. 

Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process Python Installation Steps on Linux

Installation of Vulmap Tool on Kali Linux OS

Step 1: Use the following command to install the tool in your Kali Linux operating system.

git clone https://github.com/zhzyker/vulmap.git

Step 2: Now use the following command to move into the directory of the tool. You have to move in the directory in order to run the tool.

cd vulmap

Step 3: You are in the directory of the Vulmap. Now you have to install a dependency of the Vulmap using the following command.

sudo pip3 install -r requirements.txt

Step 4: All the dependencies have been installed in your Kali Linux operating system. Now use the following command to run the tool and check the help section.

python3 vulmap.py -h

Working with Vulmap Tool on Kali Linux OS

Example 1: Test all vulnerabilities poc mode.

In this example, We are testing some common vulnerabilities against the target domain geeksforgeeks.org.

python3 vulmap.py -u http://geeksforgeeks.org

Example 2: Display the list of supported vulnerabilities

In this example, We are displaying the list of available vulnerabilities.

python3 vulmap.py --list

Example 3: Check target domain for struts2 vuln

In this example, We are testing struts2 vulnerability against the geeksforgeeks.org domain.

python3 vulmap.py -u http://geeksforgeeks.org -a struts2

Example 4: Batch scan URLs in list.txt

In this example, We are testing a list of multiple targets at the same time.

python3 vulmap.py -f targets.txt

Example 5: Export scan results to result.txt

In this example, We are saving the results in text file format.

python3 vulmap.py -u http://facebook.com --output-text result.txt



Like Article
Suggest improvement
Previous
Detecting and Checking Rootkits with Chkrootkit and rkhunter Tool in Kali Linux
Next
CMSsc4n - Tool to identify if a domain is a CMS
Share your thoughts in the comments

Similar Reads

Netnoob - Network tools, information gathering tools and scanning tools
Golismero - Scan Website, Vulnerability Scanning, WEB Server in Kali Linux
Red Hawk - Information Gathering and Vulnerability Scanning Tool in Kali Linux
FazScan - Vulnerability Scanning and Pentesting
Auto Scanning to SSL Vulnerability - A2SV Tool in Kali Linux
What is Vulnerability Scanning in Kali Linux?
Vulscan - Vulnerability Scanning with Nmap in Kali Linux
Kali Linux - Vulnerability Analysis Tools
Nexpose Vulnerability Analysis Tools
RapidScan – The Multi-Tool Web Vulnerability Scanner in Kali Linux

G
gauravgandal
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox