Installation of PHPvuln Tool on Kali Linux
Step 1: First, check whether the Python Environment is Established or not, use the following command.
python3
Step 2: Open up your Kali Linux terminal and move to Desktop using the following command.
cd Desktop
Step 3: You are on Desktop now create a new directory called PHPvuln using the following command. In this directory, we will complete the installation of the PHPvuln tool.
mkdir PHPvuln
Step 4: Now switch to the PHPvuln directory using the following command.
cd PHPvuln
Step 5: Now you have to install the tool. You have to clone the tool from Github.
git clone https://github.com/ecriminal/phpvuln.git
Step 6: The tool has been downloaded successfully in the PHPvuln directory. Now list out the contents of the tool by using the below command.
ls
Step 7: You can observe that there is a new directory created of the PHPvuln tool that has been generated while we were installing the tool. Now move to that directory using the below command:
cd phpvuln
Step 8: Once again to discover the contents of the tool, use the below command.
ls
Step 9: Download the required packages for running the tool, use the following command.
pip3 install -r requirements.txt
Step 10: Now we are done with our installation, Use the below command to view the help (gives a better understanding of the tool) index of the tool.
python3 phpvuln.py -h
PHPvuln – Linux Tool to Find Vulnerabilities in PHP Code
PHP security vulnerabilities are a major cause for concern when it comes to web applications written in the PHP language since successful exploitation of such safety defects may lead to several regularly exploited attacks. Many vulnerabilities are usually not difficult to fix, but finding them in large codebases could be challenging without the right tools. So to find these major security flaws we need a powerful automated script. PHPvuln is an automated script developed in the Python language. PHPvuln tool checks or tests the massive list of PHP files for various types of vulnerabilities like LFI, XSS, IP Exposure, etc. At the parallel time, all the vulnerabilities are tested and a quick report is generated with the point of insertion of malicious query or the location of the file is been displayed. PHPvuln tool is open-source and free to use.
Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process: Python Installation Steps on Linux