Header Ads

Breaking News
recent
Home Unlabelled WhiteWidow- A sql Injection Vulnerability Scanner

WhiteWidow- A sql Injection Vulnerability Scanner

October 31, 2017

whitewidow is a open source tool which is used to find the sql injection vulnerability.

This is very powerful scanner developed in ruby programming language.This tool  is capable of running through a file list, or can scrape Google for potential vulnerable websites. It allows automatic file formatting, random user agents, IP addresses, server information, multiple SQL injection syntax, ability to launch sqlmap from the program, and a fun environment. This program was created for learning purposes, and is intended to teach users what vulnerability looks like.

Screenshots:


 




Whitewidow is capable of finding vulnerabilities in websites by scraping Google using over 1,000 different queries that are carefully researched before added. It also uses multiple different SQL injection approaches






 

Whitewidow is a powerful open source vulnerability scanning tool which is capable of crawling a webpage for all available links, and then it search  vulnerability in each link using the program and built a file feature






After the completion of scanning task, you can find some sql injection vulnerable sites, and now you can run sqlmap directly from the program. you need not to clone any other repository or files.











steps of downloading or cloning  from the github.

step 1:  go to the link here

step 2: download the tar file or clone the program on your machine as

 

root@sh3ll:~#git clone https://github.com/WhitewidowScanner/whitewidow.git

Now change the directory to the cloned folder

step 3: download all the requirements running command on terminal as


root@sh3ll:~# bundle install



if your system is debian or other linux distribution then you can face problem or error during installation of the bundle which is required for ruby then you can run or install the following file through the command below:



root@sh3ll:~# sudo apt-get install liblzma-dev
root@sh3ll:~# sudo apt-get install zlib1g-dev



After that you can change your path to the directory where you have download or clone the file from github as below:


root@sh3ll:~/Desktop/whitewidow#
Now run the command 

 

root@sh3ll:~/Desktop/whitewidow# bundle install

After the installation complete now you can run the program as below for normal scan 



root@sh3ll:~/Desktop/whitewidow# ruby whitewidow.rb -d <targeted domain name>




References 

https://securityonline.info/whitewidow-sql-vulnerability-scannersql-injection-scannersql-injection-tool
 https://github.com/WhitewidowScanner/whitewidow








Tags :

No comments:

Subscribe to: Post Comments ( Atom )
Powered by Blogger.