CIP Cyber

Gamja-Web Vulnerability Scanner

Table of Contents

As there are so many different articles and tools has been posted on web application security, this article will also cover some about penetration testing on web application, the web administrator must check their websites for most type of web site attack, because it is a rising problem for websites.

The most famous web application attacks are SQL-injection and cross site scripting.
Gamja will find XSS(Cross site scripting) and SQL Injection weak point also URL parameter validation error. Who knows that which parameter is weak parameter? Gamja will be helpful for finding vulnerability[ XSS , Validation Error , SQL Injection].   

Just like other open source tools Gamja is no longer be updated by the author but it is still a good choice to use, because it is free and it based on perl scripting, so there is no limitation of Operating system. If you are using Unix like system like Linux or BSD or if you are using Windows based system, in both case your can run gamja because it needs a perl program.

Tutorial
  • Requirement for running gamja is perl, you can download active perl from here. 
  • After this open CMD (for windows) and Terminal (for linux), than locate the directory where you have downloaded gamja.
  • Now type “Perl gamja.pl” without commas, you will get some help on how to use gamja. 

  •  Now its time to check web application for vulnerabilities, type “perl gamja.pl http://www.target.com/index.php” without comma.
  • It will create a HTML report file on the same directory open it and see the vulnerabilities.




Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
CIP Cyber Staff

CIP Cyber Staff

CIP Cyber Staff comprises CIP cybersecurity experts committed to delivering comprehensive information on critical infrastructure protection. The content covers diverse topics, equipping professionals to defend organizations and communities in an ever-evolving cyber landscape.

Most popular

Industrial Cybersecurity

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Related Articles

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings