From the course: Penetration Testing with Metasploit
Join today to access over 24,800 courses taught by industry experts.
Scanning web applications using WMAP - Metasploit Tutorial
From the course: Penetration Testing with Metasploit
Scanning web applications using WMAP
- [Speaker] Vulnerability assessments are the first stage to any pen test exercise. Metasploit has a variety of tools that we can use for running successful vulnerability assessments against any topic. Let's take a look at few of these. A common vulnerability assessment tool that we can use with Metasploit is Wmap. Wmap is a tool built around sqlmap. Sqlmap, as we know, is a tool used primarily for SQL injections. In MSF console, we can use load Wmap command to load the Wmap plugin. Once the plugin is successfully loaded, let's see what are the features. Scroll all the way to the top. We have commands like Wmap modules, Wmap nodes, run, sites, target and vulnerabilities. Let us start by running few of these against a desired target. We first use the command, Wmap underscore sites hyphen a with the target IP address ten dot zero dot two dot twelve to add the target in our scope. Next, we use the command,…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.