Website Scanning Tools

Website Scanning Tools:
--------------------
1). Nikto
Command :
-----------
perl nikto.pl -host http://abcd.com

2). Uniscan
Command:
----------
perl uniscan.pl -u http://dev.erectrutment.com/

3). w3af
Insert the target URL ==> Select the Profiles and Plugins ==> Start

4). Burpsuite

5). skipfish
Command :
------------
./skipfish -S dictionaries/complete.wl -o /tmp/scan http://www.abcd.com

6). Vega
First Choose the Scanner Tab From Right ==> Scan ==> Start New Scan

7). Wapiti:

Command : python wapiti.py http://url.com/

SQL Injection Exploit:
------------------------
1). SQLMap
http://backend.erecruitment.com/site/login?LoginForm[email]=1
2). Havij

Mozilla Addons for Testing :
-----------------------------
1). SQL Inject me for SQL Injection
2). XSS me for XSS attack testing