Using N-Stalker Tool to Scan Web Applications

Filed in Uncategorized
  1. Launch N-Stalker, wait till the GUI appears then click ‘ Update ‘ to update application

Screen Shot 2018-05-29 at 21.41.10

2. N-Stalker will soon update the database, wait some few minutes

Screen Shot 2018-05-29 at 21.44.36

3. After the database update complete, click Start to rescan a new session

Screen Shot 2018-05-29 at 21.44.44

4. In the N-Stalker wizard, enter a URL of the web apps that will be scanned. For this example we use http://10.0.0.2/goodshopping. Choose OWASP Policy in Scan Policy tab then click next

Screen Shot 2018-05-29 at 21.44.53

5. URL Restriction box will pop-up, click yes to continue

Screen Shot 2018-05-29 at 21.45.04

6. Click Optimize Settings, leave it default and click yes

Screen Shot 2018-05-29 at 21.45.11

7. Click yes on the Settings not Optimized box

Screen Shot 2018-05-29 at 21.45.17

8. Click Review Summary, then click Start Session

Screen Shot 2018-05-29 at 21.45.23

9. Start Scan after complete finishing the configuration of N-Stalker to start scanning the website

Screen Shot 2018-05-29 at 21.58.36

10. It will soon scan the website, as the chart is moving

Screen Shot 2018-05-29 at 21.58.43

11. Let the apps scan the website. It has 4 steps which are Spider, Info Gather, Run modules, Sig Scanner

Screen Shot 2018-05-29 at 21.59.36

12. After finish the scanning, wizard box will appear. Click saveĀ  scan result and keep scan session for further analysis, and then ‘ Next ‘

Screen Shot 2018-05-29 at 21.59.42

13. Summary of vulnerabilities will be shown, click done after finish examine that

Screen Shot 2018-05-29 at 21.59.50

14. On the left side, expand all nodes to see websites pages

Screen Shot 2018-05-29 at 22.00.06

15. Complete scan results can be seen the dashboard, it can also expand all the vulnerabilities of site’s vulnerabilities

Screen Shot 2018-05-29 at 22.00.27

 

Posted by : Raden Aditya Pribadi – CS2020 – 2001605116