How to use arachni-web in kali linux


Intro - Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.
1. How to open
A. GUI Method
Application → Kali linux→ Web Applications → Web Vulnerability Scanners → arachnid-web
                                                                              (click on image for large view)

2. when you first time starting arachni you need to add a dispatcher. Just click on add for adding it.

3. This is Start a Scan Tab First of all write your target website on the url area than click on launch scan. After some time your scan will be start. But before starting scan if you want, you can setup modules plugins etc visit next image for more info…

4. This is Modules tab here you can choose your modules by simply click on check and uncheck. After you have done don’t forget to save it. Of course you have to choose your modules before starting your scan.

5. This is Plugins Tab you need to check or uncheck. As you can see some plugin doesn’t support webUI.

6. Setting tab – here you can setup according to your need from auditor, crawler option etc..

7. Log Tab – This is a log file more info on image.

8. This is report tab in this tab you can save/view your scan result in different type of formats like text,html,xml etc..

9. This is our scanning repot in HTML format.

10. For getting this tab you have to go to Reports → HTML reports → Issues (Under summary). Here you can see we got 4 issues from our scan. You can see these issues with little description through this tab.

11. This is issues tab here you can see all issues with more details.

12. after setting up all things and launching for a scan your scanning progress will be shown like this image.
(click on image for large view)


Like it ? Share it.