PunkSPIDER - Web Application Vulnerability Search Engine
PunkSPIDER is a web application vulnerability search engine powered by PunkScan.
If you don't know anything about PunkScan, read this:
PunkSCAN is a ridiculously stable and fast distributed mass web application scanner. It is intended to deeply scan a massive number of targets, looking for common vulnerabilities.
It can be set up to continuously scan said targets and handle errors gracefully without compromising the rest of the job. It works by leveraging an existing Hadoop cluster to greatly improve scan time, depth, performance, and stability.
How To Use PunkSPIDER
First, go to www.punkspider.org
Enter a URL or a search term in the box and then configure the search according to your needs.
After configuring the search, click on the "Search!" button.
It will show you the results almost instantaneously:
As you can see in the above image, the first line of a result gives you the domain of the result. The Timestamp field on line 2 is the time that the site was added to the PunkSPIDER system.
Below that is the interesting part, the total number of vulnerabilities found on the website. You can get more details about the vulnerabilities by clicking on the "show details".
In the details section, the first 2 lines give you the type of vulnerability and the protocol (HTTP or HTTPS). The next two lines provide you with the exact URL in which the vulnerability was found along with the parameter that allowed the injection to take place. If you click on the link, you are technically probing the website for that vulnerability, this may be considered impolite.
When you're done, you can click on the "hide details" to collapse it.
That's all. I hope you liked reading this article.
If you find this article worthy, please share...
Source: www.effecthacking.com
PunkSPIDER - Web Application Vulnerability Search Engine
Reviewed by Anonymous
on
8:03 AM
Rating:
Reviewed by Anonymous
on
8:03 AM
Rating:
