CIP Cyber

Log In
Menu
Log In
  • Opinion
  • Product Reviews
  • Industrial Cybersecurity
  • Videos

Darkjumper- Automatic Tool Tutorial

Table of Contents

Web application security is a big issue for the administrator of different website and for the hosting provider. How it is a issue for web hosting provider? Well if one the website compromise than there is a chance to compromise all the website that hosted on the same server that has been compromised before.
So, for finding a bug on web application is necessary part of a pen testing. 


p { margin-bottom: 0.08in; }a:link { }

There are several tools available for measuring the security of a website, the tools available for both Windows and Linux based operating system. Here is a comprehensive list of a tool that we have discussed before.

Now the main aim of writing this article is to introduce darkjumper, darkjumper is a tool that written on python and it has an ability to check every website that host at the same server of your target website. It can check the vulnerabilities on every website that host on the same server.
Key Feature
  • Scan for SQL-I, Blind SQL-I, Local file inclusion and remote file inclusion on every website that host on the same server.
  • CGI directory finding
  • Enumeration
  • Auto injection
  • Proxy
  • Port Scanning

p { margin-bottom: 0.08in; }h2 { margin-bottom: 0.08in; }h2.ctl { font-family: “Lohit Hindi”; }a:link { }code.cjk { font-family: “DejaVu Sans”,monospace; }

At the time of writing this Darkjumper V5.7 is available. Click here to download.
DarkJumper Tutorial 
You need python to run darkjumper, first of all the basic thing is the help use help command to learn more about darkjumper.
p { margin-bottom: 0.08in; }code.cjk { font-family: “DejaVu Sans”,monospace; }
./darkjumper.py -h
  • The second important command is 
p { margin-bottom: 0.08in; }code.cjk { font-family: “DejaVu Sans”,monospace; }
./darkjumper.py -t [target] -m reverseonly

  •   Reverseonly means means the tool only reverse the target IP no checking for bug. Now if you want to check SQL-I bug use this command.
p { margin-bottom: 0.08in; }code.cjk { font-family: “DejaVu Sans”,monospace; }
./darkjumper.py -t [target] -m injection

  •   For RFI and LFI use
p { margin-bottom: 0.08in; }code.cjk { font-family: “DejaVu Sans”,monospace; }

./darkjumper.py -t [target] -m inclusion

  • For both injection and inclusion use
p { margin-bottom: 0.08in; }code.cjk { font-family: “DejaVu Sans”,monospace; }

./darkjumper.py -t [target] -m full



Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
CIP Cyber Staff

CIP Cyber Staff

CIP Cyber Staff comprises CIP cybersecurity experts committed to delivering comprehensive information on critical infrastructure protection. The content covers diverse topics, equipping professionals to defend organizations and communities in an ever-evolving cyber landscape.

Most popular

Opinion

Password Cyberattack: Everything You Need to Know

November 7, 2023

Industrial Cybersecurity

Cybersecurity Awareness Month: Spotlight on ICS/OT Security

September 28, 2023

Opinion

How to Protect IoT Devices in Critical Infrastructure Networks

September 15, 2023

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Choose Training

Related Articles

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Choose Training