Hacker, Researcher and Author.

How to find a vulnerable Website?

Website security is a major problem today and should be a priority in any organization or a webmaster, Now a days Hackers are concentrating alot of their efforts to find holes in a web application, If you are a website owner and having a High Page rank and High Traffic then there is a chance that you might be a victim of these Hackers.
Few years back their existed no proper tools search for vulnerability, but now a days there are tons of tools available through which even a newbie can find a vulnerable site and start Hacking

 Common Methods used for Website Hacking

There are lots of methods that can be used to hack a website but most common ones are as follows:

1.SQL Injection
2.XSS(Cross Site Scripting)
3.Remote File Inclusion(RFI)
4.Directory Traversal attack
5.Local File inclusion(LFI)
6.DDOS attack

I have explained some of these methods in my post "Common methods to hack a website"

Tools commonly used to find a vulnerable website


Acunetix is one of my favorite tool to find a venerability in any web application It automatically checks your web applications for SQL Injection, XSS & other web vulnerabilities.

Download Acunetix Web Security Scanner


Nessus is the best unix venerability testing tool and among the best to run on windows. Key features of this software include Remote and local file securitychecks a client/server architecture with a GTK graphical interface etc.

Download Nessus from the link below


Retina is another Vulnerability assessment tool,It scans all the hosts on a network and report on any vulnerabilities found.

Download Retina from the link below

Metasploit Framework

The Metasploit Framework is the open source penetration testing framework with the world's largest database of public and tested exploits.

Download Metasploit(For Windows users) from the link below

Download Metaspolit(For Linux users) from the link below


  1. nice post... :) good wrk bro :)

    Thanks for sharing :)

  2. Good post friend :)
    there is mistake in post title its vulnerable not velnerable

  3. @Ajeet
    I have corrected it, Sorry for it

  4. hi bro!i have been ur follower since month:),and hence with the advancement in the latest technique,i would like u to write upon the tools required to carry out "TAB NAPPING",the latest pshing tech!!

  5. @Satyam
    Well Satyam I know about this attack, but I am having a really hectic schedule due to which I am unable to concentrate on blogging, The attack is very simple you really need not to do any thing, The founder of this attack azarask has already given files for people like you and me to test this attack, but I will surely post on this in the near future

  6. Thanks a lot bro!!! :)

  7. fantastic trick & tool for find out vulnerable website.it is very helpful to me.

  8. hii rafay bhai h r u do u know umer??? Jumbo???


© 2016 All Rights Reserved by RHA Info Sec. Top

Contact Form


Email *

Message *

Powered by Blogger.