Kali Linux Tutorial - Vulnerability Scanning - Osmedeus - Web Scanner




What is Osmedeus ?

  • Fully Automated Web Reconnaissance and Vulnerability Scanning in Penetration testing.
  • It allows to run the collection of tools automatically.
  • There are some features of osmedeus, which are mentioned below:
    • Easily view report from command line
    • Port Scan
    • Headers Scan
    • CORS Scan
    • Slack notification
    • IP discovery
    • Web technology detection
  • This tool comes under the Ethical hacking tutorial
 Osmedeus tool

Learn Ethical Hacking - Ethical Hacking tutorial - Osmedeus Tool - Ethical Hacking examples - Ethical Hacking programs

Alternatives of Osmedeus :

Raccoon

  • It is a high performance security tool.
  • It is used for reconnaissance and vulnerability scanning.
 raccoon

Learn Ethical Hacking - Ethical Hacking tutorial - Raccoon - Ethical Hacking examples - Ethical Hacking programs

Dirmap

  • It is an advanced web directory and file scanning tool.
  • It will be more powerful than other tools like DirBuster, Dirsearch, cansina, and Yu Jian.
 dirmap

Learn Ethical Hacking - Ethical Hacking tutorial - Dirmap - Ethical Hacking examples - Ethical Hacking programs

Passhunt

  • It is a simple tool for the purpose of searching default credentials for network devices , web applications and more.
  • It is used to search through 523 vendors and their 2084 default passwords.
 passhunt

Learn Ethical Hacking - Ethical Hacking tutorial - passhunt - Ethical Hacking examples - Ethical Hacking programs

Nullinux

  • It is a internal penetration testing tool.
  • It is used in Linux which is to enumerate OS information, domain information, shares and directories.
 nullinux

Learn Ethical Hacking - Ethical Hacking tutorial - Nullinux - Ethical Hacking examples - Ethical Hacking programs

Step By Step Procedure:

Step 1:

  • Open your browser and type osmedeus github ( for installing tool from GitHub Site) and open first link.
  • Click clone or download and then click Download ZIP.
  • Open Downloads and Extract the Osmedeus File.
 extract osmedeus file

Learn Ethical Hacking - Ethical Hacking tutorial - Extract Osmedeus File - Ethical Hacking examples - Ethical Hacking programs

Step 2:

  • Type the command cd Downloads which is used to change the current working directory and type ls command . This command is usually to view the content of current directory or targeted directory where you wanted to list the files in specific folder. Finally type cd Osmedeus command for opening osmedeus folder.
 list osmedeus file

Learn Ethical Hacking - Ethical Hacking tutorial - List Osmedeus File - Ethical Hacking examples - Ethical Hacking programs

Step 3:

  • Now type python3 osmedeus.py –hh command which means this tool is created in python3 format so type python3 and tool name (osmedeus) then put –hh for help command.
 python3 osmedeus

Learn Ethical Hacking - Ethical Hacking tutorial - Python3 Osmedeus - Ethical Hacking examples - Ethical Hacking programs

Step 4:

  • The interface logo and help commands are shown here.
 help commands1

Learn Ethical Hacking - Ethical Hacking tutorial - Help commands - Ethical Hacking examples - Ethical Hacking programs

 help-commands

Learn Ethical Hacking - Ethical Hacking tutorial - Help Commands - Ethical Hacking examples - Ethical Hacking programs

Step 5:

  • Let’s start the scan, type python3 osmedeus.py -t (web address) command for target the website then hit enter.
 Command to start the scan

Learn Ethical Hacking - Ethical Hacking tutorial - Command to start the scan - Ethical Hacking examples - Ethical Hacking programs

Step 6:

  • Scan will be running, then copy the http link ( http://0.0.0.0:8000 ). This link helpful for web interface.
 copy the link

Learn Ethical Hacking - Ethical Hacking tutorial - Copy the link - Ethical Hacking examples - Ethical Hacking programs

Step 7:

  • Now type 0.0.0.0:8000 in new tab and hit enter.
 type in new tab

Learn Ethical Hacking - Ethical Hacking tutorial - Type in New tab - Ethical Hacking examples - Ethical Hacking programs

Step 8:

  • Osmedeus login page is opened.
 osmedeus login page

Learn Ethical Hacking - Ethical Hacking tutorial - Osmedeus Login Page - Ethical Hacking examples - Ethical Hacking programs

Step 9:

  • Fill your Login credentails. Type the Username as "testhack" and password as "demo12345".
 type username and password

Learn Ethical Hacking - Ethical Hacking tutorial - Type Username and password - Ethical Hacking examples - Ethical Hacking programs

Step 10:

  • Summary, Logs, Reports blogs are shown here.
 blogs

Learn Ethical Hacking - Ethical Hacking tutorial - Blogs - Ethical Hacking examples - Ethical Hacking programs

Step 11:

  • Click Summary and select workspace, which is to view target workspaces summary.
 click-summary-and-select-workspace

Learn Ethical Hacking - Ethical Hacking tutorial - Click summary and select workspace - Ethical Hacking examples - Ethical Hacking programs

Step 12:

 click summary and select workspace

Learn Ethical Hacking - Ethical Hacking tutorial - Click Summary and Select Workspace - Ethical Hacking examples - Ethical Hacking programs

Step 13:

  • Select Logs, here some subdomains are displayed. Now click output folder.
 open output folder

Learn Ethical Hacking - Ethical Hacking tutorial - Open Output Folder - Ethical Hacking examples - Ethical Hacking programs

Step 14:

  • Some of the subdomains are displayed, which is related to website sub domains.
 sub domains

Learn Ethical Hacking - Ethical Hacking tutorial - Sub Domains - Ethical Hacking examples - Ethical Hacking programs

Step 15:

  • Now Click Reports. Then Report summaries are listed. Open portscan output file, which is used for open and closed ports displayed on the output file.
 report summaries

Learn Ethical Hacking - Ethical Hacking tutorial - Report Summaries - Ethical Hacking examples - Ethical Hacking programs

Step 16:

  • Scanned hosts are displayed here.
 scanned hosts

Learn Ethical Hacking - Ethical Hacking tutorial - Scanned Hosts - Ethical Hacking examples - Ethical Hacking programs

  • Open Services are shown with port.
 open services

Learn Ethical Hacking - Ethical Hacking tutorial - Open Services - Ethical Hacking examples - Ethical Hacking programs

 open corscan

Learn Ethical Hacking - Ethical Hacking tutorial - Open Corscan - Ethical Hacking examples - Ethical Hacking programs

  • CORScan output is shown here, no vulnerable is detected.
 corscan output

Learn Ethical Hacking - Ethical Hacking tutorial - Corscan Output - Ethical Hacking examples - Ethical Hacking programs

Step 17:



Related Searches to Vulnerability Scanning - Osmedeus