Darkjumper – A scanner to check for SQL injection, LFI and RFI vulnerabilities!
May 27, 2010
Darkjumper is a tool that tries to find every website hosted on the same server as your target, then checks each of those websites for vulnerabilities.
Functions of Darkjumper:
1. User enumeration guessing based on 4-8 character trials taken from the name of every site hosted on the same server.
2. Scanning for SQL injection, local file inclusion, remote file inclusion and blind SQL injection on every site on the same server.
3. CGI and path scanning.
4. Port scanning.
5. Auto-bruteforcing after user enumeration.
6. Auto-injector – automatic column finder (MySQL) if a MySQL bug is found.
7. Proxy support added.
8. Verbosity added.
9. IP or proxy checker and GeoIP, useful for checking whether your IP or your proxy works.
- Additional feature: More fake HTTP user agents (can be used for stress tests or DDoS attacks)
It is written in Python. So, this tool can be used on any operating system that supports Python.
Darkjumper can be used in six modes:
- reverseonly: Only reverses the target, with no bug checking
- surface: Checks for SQLi and blind SQLi on every website hosted on the same target server
- full: Checks for SQLi, blind SQLi, RFI and LFI on every website hosted on the same target server
- cgidirs: Scans CGI directories on the target server
- enum [number]: Guesses possible user names on the server (4-8 character user enumeration)
- portscan [startport]-[endport]: Scans for open ports on the target server
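Seen from the server side, the surface and full modes appear as one client sending SQL injection and file inclusion probes to several sites on the same host. The Python code below is an added example, not part of Darkjumper or the original post; the vhost-prefixed log format, the indicator patterns and the names classify and shared_host_sweeps are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed sample: vhost-prefixed access-log lines (not real traffic).
SAMPLE_LOG = """\
shop.example 203.0.113.9 - - [27/May/2010:10:00:01 +0000] "GET /item.php?id=1%27 HTTP/1.1" 200 512
blog.example 203.0.113.9 - - [27/May/2010:10:00:02 +0000] "GET /index.php?page=../../../../etc/passwd HTTP/1.1" 200 734
wiki.example 203.0.113.9 - - [27/May/2010:10:00:03 +0000] "GET /view.php?inc=http://files.invalid/x.txt HTTP/1.1" 404 120
shop.example 198.51.100.4 - - [27/May/2010:10:00:04 +0000] "GET /item.php?id=7 HTTP/1.1" 200 498
blog.example 198.51.100.4 - - [27/May/2010:10:00:05 +0000] "GET /go.php?page=about HTTP/1.1" 200 301
shop.example 192.0.2.77 - - [27/May/2010:10:00:06 +0000] "GET /item.php?id=1+UNION+SELECT+1,2 HTTP/1.1" 500 90
"""

LINE = re.compile(r'^(?P<vhost>\S+) (?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (?P<url>\S+) [^"]*" \d{3} \S+$')

# Assumed, deliberately loose indicators; matched against decoded parameter values only.
PROBES = {
    "sqli": re.compile(r"'|\bunion\b.*\bselect\b|\b(?:and|or)\s+\d+\s*=\s*\d+", re.I),
    "lfi": re.compile(r"\.\./|\.\.\\|/etc/passwd"),
    "rfi": re.compile(r"^(?:https?|ftp)://", re.I),
}

def classify(url):
    """Return the set of probe classes seen in the URL's query parameters."""
    hits = set()
    for _, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        hits |= {name for name, rx in PROBES.items() if rx.search(value)}
    return hits

def shared_host_sweeps(log_text, min_vhosts=3):
    """Map client IP -> (vhosts probed, probe classes) for IPs that probe
    at least min_vhosts distinct virtual hosts on this server."""
    vhosts, classes = defaultdict(set), defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        found = classify(m["url"])
        if found:
            vhosts[m["ip"]].add(m["vhost"])
            classes[m["ip"]] |= found
    return {ip: (sorted(vhosts[ip]), sorted(classes[ip]))
            for ip in vhosts if len(vhosts[ip]) >= min_vhosts}

if __name__ == "__main__":
    for ip, (sites, kinds) in shared_host_sweeps(SAMPLE_LOG).items():
        print(ip, "probed", sites, "with", kinds)
```

On a shared host, correlating across virtual hosts is what separates this sweep from a single malformed request against one site; the threshold min_vhosts should be tuned to the number of sites on the server.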
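To stop the scan, run this command (it kills every process running /usr/bin/python or /usr/bin/perl that you are allowed to signal, not only the scanner):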
killall -9 /usr/bin/python & killall -9 /usr/bin/perl
Download Darkjumper version 5.5 here


