And finally, we're gonna show you another great free scanner,
which is Arachni. So let's go check it out.
We're gonna come over to our folder.
Let's come over here,
jump into the Arachni folder.
See the Arachni folder.
We will cd into Arachni.
I can't remember exactly where it was located at. All right, so we're going to
run the arachni_web script here
to get the Arachni Web set up.
All right, we see here that it's listening on
port 9292, localhost.
We're gonna come over here to our browser,
going to localhost:9292.
Admin account is admin@admin.admin and the password is
Typed it in incorrectly. So,
All right, we're gonna come up here to Scans, click New.
I'm gonna do a target URL of 192.168.
0.11, or whatever it is that you chose.
Remember to add the http,
and we're gonna check for SQL injections.
If you want some kind of special description here, something for you to remember the different kind of scans you're doing or who you're doing it for, something like that, you type that
right here in the description portion.
We're gonna perform a direct scan.
Scanner is initializing and running through.
So let that do its thing.
All right, we're starting to see some results here.
We can see, hey, look at that, SQL example one.
It's found a SQL injection here,
and it'll give us some further detail,
what exactly was injected into it,
and then the request that was sent.
If there was a proper response back, it would be here. But there was not a proper response for this one.
Here's some more information about the SQL injection, which could be very helpful for building your report.
Now you can click Scans here,
and it will show you your current scans and the scans you had in the past.
Then you just click on the eye and it'll take you back to your current active scan, and you can continue looking at
and reviewing the different
injections here that you get
Now, as you can see here, this may be missing some context because the scan is still running. So if we wait for the end of the scan, it will give us some more detail about what? Actually,
let's let this, ah, continue scanning. Here
is what you see. Here we see the runtime,
how many pages it's actually scanned and how many issues it's found. So let's continue. Let's let this continue doing its thing here.
all right. And the scan is complete.
Found seven different
Let's go. Let's go check out the review further. See what additional details we may have gotten from this.
Arachni is a fantastic tool.
It allows you to heavily edit your scans.
We could look at the different profiles for scanning.
We could see what kind of different areas
it's fuzzing and what it actually is putting into
the different fields here.
So if we wanted to
the, uh, the SQL injection,
we go over to our profiles, click the edit button.
This is, ah, is where we would edit, you know, what we want audited and things like that.
So this is very important for,
you know, how in depth you may want the scan to go, how aggressive you may want it, any kind of usernames that you want to put in, a password. So say you have an application that requires,
you know, being logged into, you could put your authentication methods here, let it log in and scan even deeper into
that page. So very handy stuff,
very useful stuff. Download Arachni,
tweak it, check it out. It's fantastic. So what exactly was covered? Why the scanning is important, you know, why the discovery is important,
two different types of discoveries. And then we also discussed these different tools that you can use, and I showed you some examples of how to use them. So go play a little, try out the different variables, see what you can dig up.
Happy hacking, everyone.