9/15/2014 How to use Webshag-gui in kali linux | Geeky Shows

http://www.geekyshows.com/2013/08/how-to-use-webshag-gui-in-kali-linux.html 1/6

How to use Webshag-gui in kali linux

Intro - Webshag is a multi-threaded, multi-platform web server audit tool. Written in Python, it gathers useful commonfunctionality for web server auditing like website crawling, URL scanning or file fuzzing.The common functionalities of the webshag are -

1. How to open

Port Scanning .

Web Crawling.

Url Scanning.

Retrieving the list of domain names .

File fuzzing .

A. GUI MethodApplication Kali linux Web Applications Web Vulnerability Scanners webshag-gui (Click on Image for Large View)

9/15/2014 How to use Webshag-gui in kali linux | Geeky Shows

http://www.geekyshows.com/2013/08/how-to-use-webshag-gui-in-kali-linux.html 2/6

B. Open Terminal type and hit enterwebshag-gui

2. Here we didnt configure webshag properly before using so we got this error while Uscan. ERROR : Invalid configuration value for custom_db_dir parameter

3. Another error on FUZZ

9/15/2014 How to use Webshag-gui in kali linux | Geeky Shows

http://www.geekyshows.com/2013/08/how-to-use-webshag-gui-in-kali-linux.html 3/6

4. Now time to set configure file so lets start. First of all open webshag.conf file for this use these command afteropening terminala. cd /usr/share/webshag/configb. leafpad webshag.conf

5. Now locate the webshag config file by typing locate webshag command on terminal

6. So we have we have locate webshag info and webshag.conf file now copy some configuration source from locatewebshag and paste it on webshag.conf file.View image for finding out which one you need to copy and paste.

9/15/2014 How to use Webshag-gui in kali linux | Geeky Shows

http://www.geekyshows.com/2013/08/how-to-use-webshag-gui-in-kali-linux.html 4/6

7. Save webshag.conf file.

8. Pscan - Write your target host/IPv4 in target field than click ok, your scan will be start. As result you will see all openports and ports details.

9. Spider Write your target host/ IPv4 in target area than click on OK, As result you can see internal directories, Emailsand external links which are attached with your host/IPv4.

9/15/2014 How to use Webshag-gui in kali linux | Geeky Shows

http://www.geekyshows.com/2013/08/how-to-use-webshag-gui-in-kali-linux.html 5/6

10. UScan This scan is most important part in webshag. Uscan will find out vulnerability in target host and also tell youabout exploit. Write your target host in target area than click on OK for starting Uscan. As result you can see we foundremote vulnerabilities in our target url.

11. Fuzz - As we all know is a Fuzzer which also runs through the site and find the folders of the services that arerunning on that site.

(Click on Image for Large View)

Like it ? Share it.

9/15/2014 How to use Webshag-gui in kali linux | Geeky Shows

http://www.geekyshows.com/2013/08/how-to-use-webshag-gui-in-kali-linux.html 6/6

2

Share

0

Tweet

0

Share

0 11

Share