Web Application Penetration Testing consist of many stages, but the Footprinting/Reconnaissance stage is considered a process of getting deep information about a target.
Here we have TIDOS Framework, a comprehensive web application audit tool, developed in python which helps both penetration tester and ethical hackers to gather informations with best modules such as open source intelligence, scanning + enumeration, and vulnerabilities analysis.
Apart from the passive and active recons, it can also perform some security analysis of web applications for different vulnerabilities such as SQL Injections,XXS, PHP Injections, HTML Injections.
And similarly it can bruteforce plain text protocols credentials like TELNET,FTP,XMPP,SMTP and SQL protocols.
TiDoS Installation
- Clone “git clone https://github.com/theInfectedDrake/TIDoS-Framework.git” or Download the TiDoS tool here
- Open up the TiDoS directory with the command: cd tidos-framework
- run this command: ./install
- execute the command: python setup.py
TiDoS is a very easy to use tool,
- just execute the command: tidos.
- Execute the command: geoip
Now when the script loads type in the website URL that you want to lookup
- Run the command: piweb
And enter the URL of the website you wanna ping
- Run the command: revip
- Run the command:revdns
- Execute the command:subnet
- Run the command: nmap
- Execute the command: grabhead
- Execute the command: gsearch
- Execute the command: subdom
- Execute the command: fl00d
