(Red Hawk)Website Vulnerability Scanner Kali Linux
Hello Friends! Today we will talk about website information gathering and website vulnerability scanner Kali Linux tool(Red Hawk). Red Hawk is all in one tool which can help you to get most of the information about a website. This tool is very good for beginners.
This tool can save your time. Because it is all in one tool. By finding the information using different tools. This tool can show you the most of the information on the website.
Website Vulnerability Scanner Kali Linux
Let’s Start 🙂
First of all, you need to download this tool by CLICK HERE or you can download this tool by typing
git clone https://github.com/Tuhinshubhra/RED_HAWK.git
in your terminal.
After downloading this tool you need to go to open this folder by typing
Here you can see its rhawk.php file which you have to run. Now, type
to run this tool.
You can see now Red Hawk tool is ready to perform website vulnerability scan. Now type the website domain name here. For ex:- I am typing xyz.com Then you have to choose the method on which you wanted to perform the scan HTTP & HTTPS. So, I type 1 here.
Now you can see here so many options are present which you can perform to perform website vulnerability scan.
1st Option is Basic Recon in which you can find the basic details of the website. I also write a post on recon-ng you can read that post.
Don’t Forget:- What Is Recon-ng? How To Use Recon-ng Best Guide
So, I type 0 for doing recon on the given domain.
You can see here all the details found by recon is available here like CMS, Cloudflare, Web Server, Site IP address.
2nd option is Whois Lookup in which you can find the basic details of the owner and nameservers name. Now, for using this option type 1
This option will show you all the available information about a domain like an Expiry date, registration date, nameservers and some more.
3rd Option is Grab Banner that means to find the services which are running on the ports. This will show you the server details.
5th Option is Subnet Calculator. To use this option type 5. This will show you the subnet.
Similarly, 6th Option for Nmap port scan which tells you the information about all the ports.
So, Its a very simple tool to use. Only you have to type the number of any module and hit enter then that module will show you the information.
7th Option tells you about the subdomain if present any.
8th Option will tell you the CMS.
9th Option will be used to scan a website for SQL Vulnerability. If you know about SQL Injection then you know that the attack will only work on a particular page which has parameters. This module will show you all the pages which have parameters.
10th Option is not important
11th Option will scan that WordPress website.
12th Option will crawl the whole website. Crawling means a bot will go to that particular website and makes a list of all the page links which are present there.
13th Option is the MX Lookup which will show you all the mail exchanger.
So, this tool is very good for a website vulnerability scan. It is very easy to use. This will very helpful for beginners. Hope you like this tutorial. If you found any doubts regarding this then you can ask it in the comment section and Our team will try to help you.