Uniscan is a simple Remote File Include, Local File Include and Remote Command Execution vulnerability scanner. It’s a very simple yet quite powerful tool to scan website for vulnerabilities in Kali Linux (or any Linux as a matter of fact). It does the job fast and without hassle. You don’t need too much experience to run it, but you might need a good Internet connection and a very long time.
Uniscan got a text or CLI based scanner and a Graphical interface. You can use either but I found CLI to be somewhat faster. But I could be wrong.
Scanning websites using Uniscan
Scan the given URL (-u http://192.168.1.202/) for vulnerabilities, enabling directory and dynamic checks (-qd):
Scanning website using Uniscan-GUI
First run uniscan-gui using the following command from your terminal:
In the GUI you type in the URL of the target site and select the checks you want to perform. Press
Start Scan and off you go.
If you want to check everything, it’s better off using uniscan from command line with a -b flag to have uniscan running in background. For example:
root@kali:~# uniscan -u test-a.site.com -bqdw
There’s many other tools and I will discuss them in time. In the meantime you can use few tools like hping3, slowloris, GoldenEye etc. to do stress testing