Update Uniscan V-6.1- Web vulnerability scanner

 changelog Uniscan V6.1 :

  • – Added -w 4 on ping command of Server information module.
  • – Small bugfix on crawler.
  • – Bugfix on SQL injection plugin.
  • – Bugfix on Blind SQL injection plugin.
  • – Added a new test on Blind SQL injecion plugin.
  • – Added option to show crawling ignored files.
  • – Removed fews extensions of “find Backup files” plugin.
  • – Added option to write all requests done by uniscan on requests.txt.
  • – Improved FCKeditor plugin.
  • – Improved checkBackup plugin.
  • – Added new plugin for crawler: timthumb vulnerability.
  • – Added new plugin for dynamic tests: timthumb vulnerability.
  • – Removed a bug that crashed the threads.

The Uniscan is a Web vulnerability scanner, aimed at information security, which aims at finding vulnerabilities in Web systems and is licensed under the GNU GENERAL PUBLIC LICENSE 3.0 (GPL 3).

Uniscan characteristics:

  •     Identification of system pages through a Web Crawler.
  •     Use of threads in the crawler.
  •     Control the maximum number of requests the crawler.
  •     Control of variation of system pages identified by Web Crawler.
  •     Control of file extensions that are ignored.
  •     Test of pages found via the GET method.
  •     Test the forms found via the POST method.
  •     Support for SSL requests (HTTPS).
  •     Proxy support.
  •     Generate site list using Google.
  •     Generate site list using Bing.
  •     Plug-in support for Crawler.
  •     Plug-in support for dynamic tests.
  •     Plug-in support for static tests.
  •     Plug-in support for stress tests.
The uniscan must be run from the command line. Example: perl uniscan.pl -u http://www.example.com/ -d
Other options:


-h      help
-u       example: https://www.example.com/
-f       list of url’s
-b      Uniscan go to background
-q      Enable Directory checks
-w      Enable File checks
-e      Enable robots.txt check
-d      Enable Dynamic checks
-s      Enable Static checks
-r      Enable Stress checks
-i       Bing search
-o      Google search

Example Demonstration Uniscan Beta – Web vulnerability scanner for RFI, LFI and RCE bugs, SQL injection, xss, etc.


Platform : Unix/Linux

Download latest version : uniscan6.1.tar.gz (237.0 kB)
Find other version |
Read more in here : http://uniscan.sourceforge.net/
Our Post Before :

  • http://www.seclist.us/2012/05/update-uniscan-v-60-web-vulnerability.html
  • http://www.seclist.us/2012/04/update-uniscan-v54-web-vulnerability.html
  • http://www.seclist.us/2012/03/uniscan-v53.html