Grendel Scan Web Application Security Scanner

Home / Blog / Backbox / Grendel Scan Web Application Security Scanner

Grendel Scan Web Application Security Scanner

Web application security scanners are very important in the process of penetration testing, if you want to test your web application from the known and most dangerous vulnerabilities like SQL injection and cross site scripting than you must use some automatic tools that crawls the website and check for the vulnerabilities that can be exploit.

There are a lot of web security scanner available both commercial and open source and as discussed before about the wapiti, nikto and w3af. The commercial tools like Netsparker and acunetix.

Linux distribution that has created for penetration testing like backtrack, gnacktrack, backbox and blackbuntu has different tools for website penetration testing, in this article I will discuss about a open source web application security scanner called Grendel-Scan that has release on the Defcon event.

What Is Grendel-Scan

Grendel-Scan is an open-source web application security testing tool. It has automated testing module for detecting common web application vulnerabilities, and features geared at aiding manual penetration tests. The only system requirement is Java 5; Windows, Linux and Macintosh builds are available.

Backtrack 5 has contain different web application security scanner as well as it contain Grendel-Scan too, in the tutorial I will use backtrack 5 however you can use and install it on other Linux distribution and windows operating system.

Download

It requires Java to run it, if you are using backtrack 5 than you can get gredenl from Applications–>backtrack–>Vulnerability assessment–>web application assessment–>web vulnerability scanner–>grendel-scan

Grendel-Scan Tutorial

It is not a difficult tool to use, and it has graphical user interface so you can easily understand and implement it on your web security testing process. Here is the short description on the basic usage.

Enter the target website and if you want to use proxy server than you can enter it.

You can choose variety of options and you can integrate nikto with grendel scan.

Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription or become our Facebook fan! You will get all the latest updates at both the places.

CIP Cyber Staff

CIP Cyber Staff comprises CIP cybersecurity experts committed to delivering comprehensive information on critical infrastructure protection. The content covers diverse topics, equipping professionals to defend organizations and communities in an ever-evolving cyber landscape.

Most popular

Opinion

Password Cyberattack: Everything You Need to Know

November 7, 2023

Industrial Cybersecurity

Cybersecurity Awareness Month: Spotlight on ICS/OT Security

September 28, 2023

Opinion

How to Protect IoT Devices in Critical Infrastructure Networks

September 15, 2023

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings