I will be sharing with you a great tool which is rare to the public/Termux/Linux users which helps make alot of vulnerability scans at first run.
A scripts that will make web application vulnerability scanning easy and the name of this tool is RapidScan.
What is RapidScan?
RapidScan is a python based vulnerability scanner i.e scanning tool used to analyze vulnerabilities in web applications. This tool is equipped with utility scanning, such as Nmap, Golismero, Nikto, Uniscan and Dnsrecon.
This tool runs this utility to find vulnerabilities in web applications. Some well-known checks performed by tools include XSS, SQLi, DNS zone transfers, Local File Inclusions (LFI), Remote File Removal (RFI), Open directory vulnerabilities, open ports, and SSL related vulnerabilities. This tool not only finds vulnerabilities but also groups them into low, medium, high, and critical categories according to the definition of risk.
NOTE:- This Tool Doesn't Requires Root To Run.
How to install RapidScan Tool? Using Termux
RapidScan Installation is simple and straightforward. The tool can be installed by cloning the Github repository using the following command.
pkg install python2 && pip2
pkg install git
git clone https://github.com/skavngr/rapidscan.git
cd rapidscanlspython2 rapidscan.py
Now you are done with the installation part, but let me show you how to use RapidScan to scan for vulnerabilities.
How to Scan with RapidScan
run this below commands to scan for vulVulnerabilities in any website with RapidScan
python2 rapidscan.py <target website url>
Rapidscan first verifies the availability of the supported scanning tools, and then performs in-depth scanning of the target web application. The tool performs some 80 vulnerability tests.
If a vulnerability is detected, it is displayed in the scanning results along with threat level. The tool also provides background information about the discovered vulnerability and remediation/solution suggestions.
Future Development:
The tool developers are working to add some new features like:
[1] Associating the tool with OWASP
[2] Executive summaries of the discovered vulnerabilities.
[3] Automatic deployment of the scanning utilities according to the web applications’ architecture.
[4] A complete portable report about tools utilized in the scanning process along with the scan results.
And don't hesitate to hit the share button to share this post for the benefit of everyone, remember sharing is caring!.