
By: spiritedwolf
March 31, 2017
GOLISMERO Framework - The Web Knife

By: spiritedwolf
March 31, 2017
Hello Everyone,
This amazing method is used for Information-Gathering process/Security-testing/technique.
What is Golismero?
I was talking with one of my friend Gee4rce and he told me about this tool. He told me that Golismero is a collection of tools which are usually used seperately to scan for Vulnerabilities. In this Toolbox we have OpenVAS, (etc.) - all theese are vulnerability scanners. By using a vulnerability scanner, you automate the process of vulnerability scanning and mostly get the results back in a Report. Golismero combines some of the most powerfull OpenSource or free for use tools curently availible. With this, you have all these tools in one place, combined in Golismero.
Why Golismero?
I know your first question will be why we should use Golismero when we have some amazing tools for pentesting? Right?
5. It is also integrated with CVE and OWASP so it will easy for us to use them now.[For report's]
DOWNLOADING/INSTALLATION
Just follow these simple steps:
1.apt-get install python2.7 python2.7-dev python-pip python-docutils git perl nmap sslscan
2.cd /opt
3.git clone https://github.com/golismero/golismero.git
4.cd golismero
5.pip install -r requirements.txt
6.pip install -r requirements_unix.txt
7.ln -s /opt/golismero/golismero.py /usr/bin/golismero
Then just exit and we have done.
For More Info Go: HERE
So, I am dividing this tutorial into 2 parts. The 1st one is this. I will just introduce this tool, and in next tutorial, I will Demonstrate on Live website.
USAGE OF GOLISMERO
So, Basic command is of course " -h "
golismero -h
A. 1st command is:
golismero scan <target>
Example:-"golismero.py scan http://www.example.com"
B. 2nd command is:-
golismero scan <target> --audit-name <name>
C. 3rd command is:-
golismero scan <target> -o <output file name>
We can produce reports in different file formats. Example in .html , .php or in .txt etc. and you can write as many files as you want.
D. 4th command is:-
golismero scan -i nmap_output.xml -o Report.html
We can Grab Nmap results scan all hosts found and write an HTML report.
Golismero Available plugins
To display the list of available plugins:
golismero plugins
See you in my next tutorial Friends
It took me 1 Hour to make this tutorial, But it will take only 1 sec. to leave a review/reply here. Please comment if you like this tutorial.
Please subscribe my channel:- https://www.youtube.com/c/Pentestingwithspirit
Please Like/Follow me on Facebook:-https://facebook.com/Pentestingwithspirit
Please Follow me on twitter:-https://twitter.com/spirit3113
Join me here:-https://crackingforums.net/member.php?action=register&referrer=45