9/15/2014 How to use Webshag-gui in kali linux | Geeky Shows

http://www.geekyshows.com/2013/08/how-to-use-webshag-gui-in-kali-linux.html 1/6
How to use Webshag-gui in kali linux
Intro - Webshag is a multi-threaded, multi-platform web server audit tool. Written in Python, it gathers useful common
functionality for web server auditing like website crawling, URL scanning or file fuzzing.
The common functionalities of the webshag are -
1. How to open
Port Scanning .
Web Crawling.
Url Scanning.
Retrieving the list of domain names .
File fuzzing .
A. GUI Method
Application Kali linux Web Applications Web Vulnerability Scanners webshag-gui
(Click on Image for Large View)
9/15/2014 How to use Webshag-gui in kali linux | Geeky Shows
http://www.geekyshows.com/2013/08/how-to-use-webshag-gui-in-kali-linux.html 2/6
B. Open Terminal type and hit enter webshag-gui
2. Here we didnt configure webshag properly before using so we got this error while Uscan.
ERROR : Invalid configuration value for custom_db_dir parameter
3. Another error on FUZZ
9/15/2014 How to use Webshag-gui in kali linux | Geeky Shows
http://www.geekyshows.com/2013/08/how-to-use-webshag-gui-in-kali-linux.html 3/6
4. Now time to set configure file so lets start. First of all open webshag.conf file for this use these command after
opening terminal
a. cd /usr/share/webshag/config
b. leafpad webshag.conf
5. Now locate the webshag config file by typing locate webshag command on terminal
6. So we have we have locate webshag info and webshag.conf file now copy some configuration source from locate
webshag and paste it on webshag.conf file.
View image for finding out which one you need to copy and paste.
9/15/2014 How to use Webshag-gui in kali linux | Geeky Shows
http://www.geekyshows.com/2013/08/how-to-use-webshag-gui-in-kali-linux.html 4/6
7. Save webshag.conf file.
8. Pscan - Write your target host/IPv4 in target field than click ok, your scan will be start. As result you will see all open
ports and ports details.
9. Spider Write your target host/ IPv4 in target area than click on OK, As result you can see internal directories, Emails
and external links which are attached with your host/IPv4.
9/15/2014 How to use Webshag-gui in kali linux | Geeky Shows
http://www.geekyshows.com/2013/08/how-to-use-webshag-gui-in-kali-linux.html 5/6

10. UScan This scan is most important part in webshag. Uscan will find out vulnerability in target host and also tell you
about exploit. Write your target host in target area than click on OK for starting Uscan. As result you can see we found
remote vulnerabilities in our target url.
11. Fuzz - As we all know is a Fuzzer which also runs through the site and find the folders of the services that are
running on that site.
(Click on Image for Large View)
Like it ? Share it.
9/15/2014 How to use Webshag-gui in kali linux | Geeky Shows
http://www.geekyshows.com/2013/08/how-to-use-webshag-gui-in-kali-linux.html 6/6

2
Share
0
Tweet
0
Share
0 11
Share