Hello guys, today I'll present you D-Tect which is a tool used collect web site vulnerability and info.
First of all what the program does:
*Sub Domain Scan
*Port Scan
*Wordpress Scan
*Wordpress User Name Numbering
*Wordpress Backup Disable
*Sensitive File Detection
*Same-Site Scripting Scan
* Click Jacking Detection
*Strong XSS security vulnerability scan
*SQL Injection security vulnerability scan
Now it's time for downloading.....
Program download link:
First we open our terminal...
Then we transition to desktop withcd Desktop command
Then, let's download the file to desktop with git clone command
Our program has been downloaded....
Then, we transition to the file with cd D-TECT-1 command
We view existing files with ls command.
Then, to run our program, let's use python d-tect.py command.
The program is running....
Now I'll do port scan ,sub domain scan, xss security leak...
Let's begin...
First , let's do sub domain scan..
It asks site name...Let's type it.
Yes, we've started the scan....
Some screenshots from the scan:
It says Subdomain found, yes we've found our sub domain names... The processes after here is in your responsibility.(I've stopped the scan at half, I didn't want to wait.)
Now let's head port scan process:
It asks for site name... Let's type it...
If you wish, you can scan one by one Example:
Yes, port 80 is open...
If you wish you can scan to know if the ports you target are open
Example:
If you wish you can scan a specific port range...Example:
By typing all, you can scan all ports from 20 to 5000...
It may take long....
Some frames from the scan:
(Guys I stopped the scan because it takes so long.)
Yes, now let's do XSS vulnerability scan...
It asks for a site name from us. Let's type....
It has started the scan....
It couldn't find XSS vulnerability....
My thread was till here. I didn't try the other options but you can try it and find out. öğrenebilirsiniz. I'll be glad if you tell my mistakes and what I need to do.
Enjoy the forums.....
Source : https://www.turkhackteam.org/web-se...te-zafiyet-ve-bilgi-toplama-araci-d-tect.html
Translator : Vilge234
First of all what the program does:
*Sub Domain Scan
*Port Scan
*Wordpress Scan
*Wordpress User Name Numbering
*Wordpress Backup Disable
*Sensitive File Detection
*Same-Site Scripting Scan
* Click Jacking Detection
*Strong XSS security vulnerability scan
*SQL Injection security vulnerability scan
Now it's time for downloading.....
Program download link:
Kod:
https://github.com/shawarkhanethicalhacker/D-TECT-1
Then we transition to desktop withcd Desktop command
Kod:
cd Desktop
Kod:
git clone [URL]https://github.com/shawarkhanethicalhacker/D-TECT-1[/URL]
Our program has been downloaded....
Then, we transition to the file with cd D-TECT-1 command
Kod:
cd D-TECT-1
Kod:
ls
Then, to run our program, let's use python d-tect.py command.
Kod:
python d-tect.py
Now I'll do port scan ,sub domain scan, xss security leak...
Let's begin...
First , let's do sub domain scan..
Kod:
3
Yes, we've started the scan....
Some screenshots from the scan:
It says Subdomain found, yes we've found our sub domain names... The processes after here is in your responsibility.(I've stopped the scan at half, I didn't want to wait.)
Now let's head port scan process:
Kod:
4
If you wish, you can scan one by one Example:
Kod:
80
If you wish you can scan to know if the ports you target are open
Example:
Kod:
21,22,80,445,8080
If you wish you can scan a specific port range...Example:
Kod:
20-80
By typing all, you can scan all ports from 20 to 5000...
Kod:
all
Some frames from the scan:
(Guys I stopped the scan because it takes so long.)
Yes, now let's do XSS vulnerability scan...
Kod:
6
It has started the scan....
It couldn't find XSS vulnerability....
My thread was till here. I didn't try the other options but you can try it and find out. öğrenebilirsiniz. I'll be glad if you tell my mistakes and what I need to do.
Enjoy the forums.....
Source : https://www.turkhackteam.org/web-se...te-zafiyet-ve-bilgi-toplama-araci-d-tect.html
Translator : Vilge234
Moderatör tarafında düzenlendi: