Best Scanner for Websites Vulnerabilities

Hi, guys, I got my two websites which I need a test for security vulnerabilities. Which are the best Scanner for Vulnerabilities in websites to use in parrot?


It all depends on your goals. Any scanner is good in its own way. I am think OWASP, Nessus, W3af, Arachni is that which is from free. From paid probably BurpSuite Pro, Acunetix and MaxPatrol


Thanks for the specific answer Sergey! I will definitely choose something from your suggestions! :slight_smile:

1 Like

free and built into parrot

uniscan -u -qweds
nikto -h

Applications/Pentesting/Web Application analysis/Web Vunerability scanners

also Sn1per on github

1 Like

Do you know maybe also some tool like a mass DORK SEARCHER tool which looking for Vulnerable websites in various search engine? It could be paid or free.

Google Dorks not happy?)
Yet examples: DorkMe, which uses the Google Dorks technique, well and for example, Zeus-scanner.

1 Like

I just starting with SQL injections and manually I think it’s time-consuming with just google dorks and without any tools. What I should know about SQL injection which beginners should learn to make better and faster progress? Some valuable tip for me as a noob in SQL injection?:smiley: Thanks, Sergey again! I appreciate your help.

To begin with reading your country to have a Law that should be clearly and clearly written that the hack information system is prohibited by law …)) You do not need learning to injection the code. In the firsts step get started create databases and use SQL statements. Only in this way will understanding come. Start with the most common MySQL database.

1 Like

Stop being script kiddie and doing illegal shits please.

1 Like

We’re not talking about illegal things, I am a completely white hat. I want to learn some SQL injection for white hat purpose that’s why I ask a couple of questions. My website database which was “secured by professional from Fiverr” got hacked by SQL injection" about two months ago which I know about the leak two weeks ago… It’s really hurt my pocket as well as reputation, that’s why I ask about SQL Injection to secure my websites database mostly and just to learn more about it, how it’s work etc. More info I know more secure I am.

put a LAMP environment together and write some code, without an understanding of how the data is stored and accessed, running scans and throwing exploits from Rapid7 at them is the very definition of SKID… :wink: Here is a start…

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.