How to find a Vulnerable Website?
Website Security is a major problem today and should be a priority in any organization or a webmaster, Now a days Hackers are concentrating alot of their efforts to find holes in a web application, If you are a website owner and having a High Page rank and High Traffic then there is a chance that you might be a victim of these Hackers.Few years back their existed no proper tools search for vulnerability, but now a days there are tons of tools available through which even a newbie can find a vulnerable site and start Hacking
Common Methods used for Website Hacking
There are lots of methods that can be used to hack a website but most common ones are as follows:
1.SQL Injection
2.XSS(Cross Site Scripting)
3.Remote File Inclusion(RFI)
4.Directory Traversal attack
5.Local File inclusion(LFI)
6.DDOS attack
I have explained some of these methods in my post "Common methods to hack a website"
Tools commonly used to find a vulnerable website
AcunetixAcunetix is one of my favorite tool to find a venerability in any web application It automatically checks your web applications for SQL Injection, XSS & other web vulnerabilities.
Download Acunetix Web Security Scanner
Nessus
Nessus is the best unix venerability testing tool and among the best to run on windows. Key features of this software include Remote and local file securitychecks a client/server architecture with a GTK graphical interface etc.
Download Nessus from the link below
http://www.nessus.org/download
Retina-
Retina is another Vulnerability Assessment tool,It scans all the hosts on a network and report on any vulnerabilities found.
Download Retina from the link below
http://www.eeye.com/downloads
Metasploit Framework
The Metasploit Framework is the open source penetration testing framework with the world's largest database of public and tested exploits.
Download Metasploit from the link below :
http://www.metasploit.com/download/BY HaRis