I will be sharing with you a great tool which is rare to the public/Termux/Linux users which helps make a lot of vulnerability scans at first run.
A script that will make web application vulnerability scanning easy and the name of this tool is RapidScan.
What is RapidScan?
RapidScan is a python based vulnerability scanner i.e scanning tool used to analyze vulnerabilities in web applications. This tool is equipped with utility scannings, such as Nmap, Golismero, Nikto, Uniscan and Dnsrecon.
This tool runs this utility to find vulnerabilities in web applications. Some well-known checks performed by tools include XSS, SQLi, DNS zone transfers, Local File Inclusions (LFI), Remote File Removal (RFI), Open directory vulnerabilities, open ports, and SSL related vulnerabilities.
This tool not only finds vulnerabilities but also groups them into low, medium, high, and critical categories according to the definition of risk.
NOTE:- This Tool Doesn’t Require Root To Run.
How to install the RapidScan Tool?
RapidScan Installation is simple and straightforward. The tool can be installed by cloning the Github repository using the following command.
- pkg install python2 && pip2 install mechanize && pkg install git
- git clone https://github.com/skavngr/rapidscan.git
- cd rapidscan
- python2 rapidscan.py
Now you are done with the installation part, but let me show you how to use RapidScan to scan for vulnerabilities.
How to Scan with RapidScan
run this below commands to scan for vulnerabilities in any website with RapidScan
- ./rapidscan.py <target website url>
Rapidscan first verifies the availability of the supported scanning tools and then performs in-depth scanning of the target web application. The tool performs some 80 vulnerability tests.
If a vulnerability is detected, it is displayed in the scanning results along with threat level.
The tool also provides background information about the discovered vulnerability and remediation/solution suggestions.
The tool developers are working to add some new features like: Associating the tool with OWASP
 Executive summaries of the discovered vulnerabilities.
 Automatic deployment of the scanning utilities according to the web applications’ architecture.
 A complete portable report about tools utilized in the scanning process along with the scan results.