Vulnerabilities Website Ko Kaise Hack Kare Kali Linux Me Owasp-Zap Ki Madad Se
OWASP-ZAPP-KYA-HAI
OWASP-ZAP ek Graphical user interface tool hai jo ki ek web applications hai jo vulnerabilities website ke bare me information deta hai yah bilkul free tool hai iske liye aapko kuch v pay nahi karna padega or yah ek open source hai zap ko use karna bahut h aasan hai aisa isliye kyoki ye GUI hai or iske professionals engeenears ne banaya hai jab ham koi proxy ko use karte hai tab zap unn sabhi users ka traffic ko manipulate kar deta hai jo oss proxy se pass hojata hai ye hame https traffic ki madad se help karta hai. yah ek highly efficient tool hai isko web developers pen-testers ke liye v use karte hai magar iska matlab ye nahi hai ki ye sirf pen-testers ke liye h use hota hai yah hamare target website ko hamare web applications se pata karta hai ki ye vulnerablities hai ki nahi jaise ki sql injection or xss vulnerablity etc .
Iske Kuch Main Uses Ko Ham Yaha Pe Bata Rahe Hai
1. Intercepting proxy.Zap configure your browser to proxy through zap in that way zap sees all the requests and responses.
2. Spider: crawls the pages that are hidden to you.
3. Free and open source.There is no pro version
4. Zap can brutforce directories.
5. Active and scanner.
6. Easy to use.
WEBSITE KO OWASP-ZAP SE KAISE SCAN KARE
ab ham apne main kam pe aate hai oppar to ham bas iske fayde bata rahe hai jo ki agar aapko use karna hai to kar sakte hai mgar ham yaha pe website ki information nikalne ka kam hai to chaliye aap apna terminal ko open karle or ye type kare.
STEP 1. ab aap yaha pe apna target website ko likhe or attack pe click karde
STEP 2. ab aap yaha pe onn sare tabs ko check kar sakte hai jo wo website ne request ko responses kiya hoga.
STEP 3. jab aapka scan complete hojayega tab aap alert pe click kare kyoki alert tab hame sari vulnerabilities list dikhata hai.
STEP 4. ab yaha aap picture me dekh sakte hai ki yaha pe hame kuch dangerous vulnerabilities or xss mila hai jo ki khas toar pe sql injection ke liye hota hai. ab aap pahle wale vulnerability pe click kre jo ki site ki script hai ab aap yaha left side me dekhenge ki bahut sare option honge jaise risk high confidence medium ye sari chije oss target website ke bare me hai jo aap url me dale hai .
NOTE : Agar aap xss vulnerablity ke barer me nhi jante hai to iske liye humne ek new post likha hai jaha pe hamne isko achi tarah se samjhaya hai oss post ko padhne ke liye yaha pe click kare.
STEP 5. Ab aapko next vulnerability sql injection pe jana hai aapki jankari ke liye bata du ki yah step sabse dangerous hai aisa isliye kyoki hackers iska use website ka username , password , email , more information ko crash karne ke liye karte hai.
STEP 6. Ab aap apne left side me dekhenge ki waha pe aapke target url ka id v moajud hai ab aap SQLMAP ki madad se website ko hack kar sakte hai kyoki oske id ne hame information dedi hai ki ye site sql injection karegi . ab aap apne url ko right side se uthaye jaise ki aap picture me dekh rahe hai jo ki hamne SQLMAP se exploit kiya hai .
X-FRAME-OPTIONS-HEADER-NOT-SET
yah ek bahut h powerfull tool hai iski madad se hackers clickjacking ko anjam dete hai agar aap chahte ho ki aapka website iss tarah ke problem me na phase to aap X-frame-otions ko apne http response header me isko add karna padega aisa iss liye kyoki page ka main part header hota hai yah step kewal apni website ki suracha ke liye hai maine isko isliye bataya hai kyoki aap iska istemal karke kisi website pe attack v kar sakte ho or apne aap ko hack hone se bacha v sakte ho.
OWASP-ZAP App me aap apne kiye gaye kam ko save kar sakte hai .
NOW-POST-IS-COMPLETED-HERE-IS-SOME-TIPS
Yah post isliye likhi gayi hai kyoki iski madad se app kisi v website ko aasani se check kar sakte hai ki wo website vulability hai ki nahi so frnds ummid hai ye post aap logo ko pasand aaya hoga agar aap professional tarike se website hacking sikhna chahte hai to ye post aapke bahut faydemand hoga isko social media me shere kare taki un logo ko v iske bare me pata chal sake or wo v iss post ko padh kar kuch sikh sake hamare iss post se aap koi galat use na kare to h acha rahega aisa isliye kyoki black hat hacking ek crime hai isko karne se hame bachna chahiye thank you for visting our site keep supporting us .
Comments
Post a Comment