Vulnnr – Vulnerability Scanner and Auto Exploiter in Kali Linux
Vulnerability Scanning is the methodology for testing the target domain for Security Flaws. These Flaws can be exploited and the attacker can gain access and also perform some malicious activities. There are various automated tools for performing Scanning. Vulnnr tool is a Python language-based script that performs the process of Vulnerability Scanning and Auto Exploitation. We can use this tool to check the security by finding the flaws in the target domain and get the shells if the domain is vulnerable. Vulnnr tool is available on GitHub, it’s free and open-source to use.
Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process – Python Installation Steps on Linux
Installation of Vulnnr Tool on Kali Linux OS
Step 1: Use the following command to install the tool in your Kali Linux operating system.
git clone https://github.com/psauxx/Vulnnr.git
Step 2: Now use the following command to move into the directory of the tool. You have to move in the directory in order to run the tool.
Step 3: You are in the directory of the Vulnnr. Now you have to install a dependency of the Vulnnr using the following command.
sudo pip3 install -r requirements.txt
Step 4: All the dependencies have been installed in your Kali Linux operating system. Now use the following command to run the tool and check the help section.
python3 Vulnnr.py -h
Working with Vulnnr Tool on Kali Linux OS
Example 1: WordPress Version Scanner
Type help to list all the available options
Type wpversion for getting WordPress Version
We have got the WordPress Version of http://geeksforgeeks.org target domain.
Example 2: SQL Injection Scanner
Type sql for Sql Injection Scanner
We have got the result for the SQL Injection scan on http://geeksforgeeks.org domain.
Example 3: Directory Scanner
Type dirscan for Directory Scanner
We have got the list of directories that are available on the http://geeksforgeeks.org domain server.
Example 4: Port Scanner
Type port dor Port Checker
We have got the status or activeness of port 443 on http://geeksforgeeks.org target domain.