Yuki Chan is a free and open-source tool available on GitHub. Yuki Chan is an Automated Penetration Testing tool. This tool is very useful for security researchers. Yuki Chan is used for information gathering and testing of the security of websites and web servers. Yuki Chan is the easiest and one of the best tools for penetration testing. Yuki Chan provides many integrated tools to perform penetration testing on the target system.
Yuki Chan atomizes the penetration testing tasks. Yuki Chan is an open-source intelligence tool. This tool even used for vulnerabilities assessment of Content Management System (CMS). Just like recon -ng tool in kali Linux. Yuki Chan has many modules as well as metagoofil, wafninja, spaghetti, joomscan, xss scanner, Who-is, dnsrecon. Yuki Chan has a variety of modules that are used for penetration testing. In Yuki Chan each module starts running automatically when any of the modules scan the target. Yuki Chan consists of more than 15 modules that can be used for penetration testing.Yuki Chan is used for information gathering and testing of the security of websites and web servers. Yuki Chan is the easiest and one of the best tools for penetration testing. Yuki Chan provides many integrated tools to perform penetration testing on the target system.
Features of Yuki Chan tool :
- Yuki Chan is a free and open-source tool.
- Yuki Chan is Open source intelligence tool.
- Yuki Chan has integrated sub tools such as joomscan xss scanner etc.
- Yuki Chan can work with whois lookup.
- Yuki Chan can perform SSL Security Auditing
- Yuki Chan can track enumeration.
- Yuki Chan is a fully automated tool.
- Yuki Chan has more than 15 modules that can be used for penetration testing.
- Yuki Chan modules starts automatically when previous modules has stopped after scanning.
- Yuki Chan also have Fuzzing Module.
- Yuki Chan can also perform Auditing of Content Management System such as WordPress.
- Yuki Chan is a completed package of vulnerability analysis.
Uses of Yuki Chan tool :
- Yuki Chan is used to scanning websites and web apps.
- Yuki Chan is used to scanning content management system(CMS)
- Yuki Chan can find vulnerabilities in CMS eg. WordPress, Joomla etc.
- Yuki Chan has the large number of modules such as metagoofil, wafninja etc,
- Yuki Chan has a module called XSS scanner which is used to find cross-site scripting vulnerabilities.
- Yuki Chan is free and open source you can use this tool free of cost.
Installation of Yuki Chan in Kali Linux:
Step 1. Open your Kali Linux and move to the desktop using the following command. On desktop, we have to create a directory in which you will install the tool or clone the tool from GitHub.
command : cd Desktop
Step 2. As of now, you are on the desktop. Create a new directory called YukiChan using the following command.
command : mkdir YukiChan
Step 3. You have created directory YukiChan. Move to this directory using the following command.
command : cd YukiChan
Step 4. Now you are under YukiChan directory. Here you have to clone the YukiChan tool from GitHub. To clone the tool use the following command.
command : git clone https://github.com/Yukinoshita47/Yuki-Chan-The-Auto-Pentest
Step 5. The tool has been downloaded to the directory. Now list out the contents of the tool using the following commands.
command : ls
Step 6. You can see a new directory here. Yuki-Chan-The-auto-Pentest. Move to this directory using the following command.
command : cd Yuki-Chan-The-auto-Pentest
Step 7. List out the content of the directory using the following command.
command : ls
Step 8. You have downloaded the tool, and now you have to give permission to the tool using the following command.
command : chmod 777 joomscan wafninja install-perl-module.sh yuki.sh
Step 9. List out the content of the tool again to check permissions using the following command.
command : ls
Step 10. You can see that permission has been changed. This is the time to give permission to the requirements using the following command.
command : chmod 777 requirements.txt
Step 11. Permission has been given to requirements also. Now install all the requirements using the following command. You need to install this module now.
command : pip install requirements.txt
Step 12. All the requirements have been downloaded into the system. Now you have to install Perl module.
command : ./install-perl-module.sh
Step 13. To run Yuki Chan tool, type the following command.
command : ./yuki.sh
The installation has been completed let’s see some examples.
Example 1. Scan scanme.org using Yuki Chan.
You have to give the target domain scanme.org to get the details and after typing the domain press enter.
Example 2. Scan google.com using Yuki Chan.
from here scanning will start and it will scan google.com
You find many details of google.com. Similarly, you can search for any domain. Different modules will run one by one will find information one by one.