Uniscan - Web Vulnerability Scanner

Hey all in this tutorial i will be telling you all about uniscan which is a small but powerfull tool.

What Is Uniscan ?

The Uniscan is a vulnerability scanner for Web applications, written in perl for Linux environment. It was developed as conclusion work of the computer science course of Federal University of Pampa and is licensed under the GNU GENERAL PUBLIC LICENSE 3.0 (GPL 3).

Features Of Uniscan

• Identification of system pages through a Web Crawler.
• Use of threads in the crawler.
• Control the maximum number of requests the crawler.
• Control of variation of system pages identified by Web Crawler.
• Control of file extensions that are ignored.
• Test of pages found via the GET method.
• Test the forms found via the POST method.
• Support for SSL requests (HTTPS).
• Proxy support.
• Generate site list using Google.
• Generate site list using Bing.
• Plug-in support for Crawler.
• Plug-in support for dynamic tests.
• Plug-in support for static tests.
• Plug-in support for stress tests.
• Multi-language support.
• Web client.
• GUI client written in perl using tk.

Installing Uniscan

For installing uniscan on your system just use the following command

apt-get install uniscan

After installing we can also locate it to check whether it is located in the place where we want it or not.

For that you can use following command

locate uniscan/pentest/web/uniscan

Using Uniscan

The simple command used for scanning is

./uniscan.pl -u http://www.victimsite.com/ -qedws 

 

Other Usage's

 perl ./uniscan.pl -u http://www.targetsite.com/ -qweds

 perl ./uniscan.pl -f sites.txt -bqweds

 perl ./uniscan.pl -i uniscan

 perl ./uniscan.pl -i xxx.xxx.xxx.xxx

 perl ./uniscan.pl -u https://www.targetsite.com/ -r




 Hope you all enjoyed this tutorial and if you have any  problem or question then you may ask in comments.