Intro - Webshag is a multi-threaded, multi-platform web server audit tool. Written in Python, it gathers useful common functionality for web server auditing like website crawling, URL scanning or file fuzzing.
The common functionalities of the webshag are -
  • Port Scanning .
  • Web Crawling. 
  • Url Scanning. 
  • Retrieving the list of domain names .
  • File fuzzing .

1. How to open
A. GUI Method
Application → Kali linux→ Web Applications → Web Vulnerability Scanners → webshag-gui
                                                                               (Click on Image for Large View)

B. Open Terminal type webshag-gui and hit enter

2. Here we didn’t configure webshag properly before using so we got this error while Uscan.
 ERROR : Invalid configuration value for ‘custom_db_dir’ parameter

3. Another error on FUZZ

4. Now time to set configure file so let’s start. First of all open webshag.conf file for this use these command after opening terminal
a. cd /usr/share/webshag/config
b. leafpad webshag.conf

5. Now locate the webshag config file by typing locate webshag command on terminal

6.  So we have we have locate webshag info and webshag.conf file now copy some configuration source from locate webshag and paste it on webshag.conf file.
View image for finding out which one you need to copy and paste.

7. Save webshag.conf file.

8. Pscan -  Write your target host/IPv4 in target field than click ok, your scan will be start. As result you will see all open ports and ports details.

9. Spider – Write your target host/ IPv4 in target area than click on OK, As result you can see internal directories, Emails and external links which are attached with your host/IPv4.

10. UScan – This scan is most important part in webshag. Uscan will find out vulnerability in target host and also tell you about exploit.  Write your target host in target area than click on OK for starting Uscan. As result you can see we found remote vulnerabilities in our target url.

11. Fuzz - As we all know is a Fuzzer which also runs through the site and find the folders of the services that are running on that site.
(Click on Image for Large View)

Like it ? Share it.

Post a Comment

  1. " This is why a non loop LCD housing are different from any other outdoor television housing, some even have patents pending on their design and these units are installed in facilities such as prisons and mental health units. Only as he begins to gain popularity, he also begins to dilute his message, until he manages to win the election but at the cost of his own idealism. It is named for Jean-Marie Charcot a French neurologist who observed a severe pattern of joint destruction in patients with advanced syphilis. In the case of teenagers parents should supervise their computer activity.

    my web page international removals

  2. I am reading your post from the beginning, it was so interesting to read & I feel thanks to you for posting such a good blog, keep updates regularly.
    Web design course in Chennai


Comment Rules :
1. Do not post Adult/illegal Links.
2. Try to comment in only English Language.
3. Do not post other website's links which are useless.
4. Your Comment should be based on the Topic for other queries Kindly Visit our Contact Us Page.
5. Do not use Abusive Language.
6. Respect each other.
Thank You for following the rules. Please Comment....