Online Kali Linux programs (FREE)

Table of contents

1. Introduction

2. Web Application Vulnerability Scanners

2.1 WordPress vulnerability scanner

2.2 Detecting SQL injection flaws

2.3 Drupal and SilverStripe Vulnerability Scanner

3. Web Server Vulnerability Scanners

3.1 Free and online web server scanner Nikto

3.2 Online Testing TLS/SSL encryption

3.3 Open ports and running services scanner

4. Information Gathering

4.1 IP Information Gathering

4.2 IPv6 Information Gathering

4.3 How to check my IP

4.4 IP or Websites Information Gathering (WhoIs)

4.5 Determine CMS of Websites

4.6 WebApp Information Gatherer

4.7 Domain names typos and variations

4.8 Web sites on a single IP

4.9 IP address of a web-site

4.10 Trace URL's jumps across the rel links to obtain the last URL

5. Images and Metadata

5.1 Geotagging

5.2 List all metadata of a file

5.3 Web-site screenshots

6. Information about phone numbers

6.1 International Calling Codes and Area Codes

7. Getting Information on MAC Addresses

7.1 Determine the device manufacturer by MAC address

8. IP Ranges Composing

8.1 All IP of locality (region, city)

8.2 All IP of any country

8.3 All IP of ISPs

9. Donation

10. How to help with translation

11. Very cheap, but reliable VPS hosting


Introduction

If you need to check a web site for vulnerabilities or collect information about a web server or a web site, you can use Kali Linux Tools. By the way, some of Kali Linux application you can use online without any charge.

In this article, I will introduce online service, which lets you to use some of the most popular Kali Linux programs absolutely free, without any restrictions and conditions.

All tools are groups according to their main aim:

  • Web Application Vulnerability Scanners
  • Web Server Vulnerability Scanners
  • Information Gathering
  • Images and Metadata
  • Information about phone numbers
  • Getting Information on MAC Addresses
  • IP Ranges Composing
  • E-mail Analysis

I will guide you through all the groups and explain how to use these hacking tools.

All results will be composed in report, you will get permanent link to your report. In addition you are able to download your reports in PDF format.

Web Application Vulnerability Scanners

Web Application and Web Sites are usually available through the Internet and everyone can get access to them. So it is extremely important to sure your web sites have no any vulnerabilities. Because soon or later the vulnerabilities will be discovered and exploited by hackers.

WordPress vulnerability scanner

https://suip.biz/?act=wpscan

This free and online scanner tests your WordPress installation, in other words, your web sites powered by WordPress. Available plug-ins and themes will be scanned. If among them there are vulnerable, they will be listed.

The scanning is performed by WPScan. Here you will find more information about WPScan and WPScan reports analyzation.

To scan you WordPress web site right now just hit the link.

Enter your web site URL and press the Submit button.

If you want to see the color output, follow the link (the results will not arrive in real time, but with a delay, but the total scan time will not change).

Detecting SQL injection flaws

https://suip.biz/?act=sqlmap

SQL injections are serious flaws of websites and applications, they are caused by insufficient filtering of user input data, or errors in the logic of the program. If there is an exploitable SQL injection, this always results in data leakage (sometimes not only for a vulnerable site, but for other databases too), and in some cases, allows an attacker to access the file system.

It is necessary to enter not the main site address, but an example of a page in which there is "user input". For example, if we want to check the site zalinux.ru, then we are looking for a page with a variable parameter. For example, this is the page zalinux.ru/?p=411, here the parameter p= is a variable and allows you to transfer data to the server. For the site relax-nk.ru an example of such a page can become relax-nk.ru/rub.php?id=5

Drupal and SilverStripe Vulnerability Scanner

https://suip.biz/?act=droopescan

A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.

The scanning requires time. Please wait for a while.

Web Server Vulnerability Scanners

Free and online web server scanner Nikto

https://suip.biz/?act=nikto

Web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software.

Examine a web server to find potential problems and security vulnerabilities, including:

  • Server and software misconfigurations
  • Default files and programs
  • Insecure files and programs
  • Outdated servers and programs

The scanning requires time (up to some hours). Please wait for a while.

Online Testing TLS/SSL encryption

https://suip.biz/?act=testssl

Online tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.

Key features:

  • Clear output: you can tell easily whether anything is good or bad
  • Ease of installation: It works for Linux, Darwin, FreeBSD and MSYS2/Cygwin out of the box: no need to install or configure something, no gems, CPAN, pip or the like.
  • Flexibility: You can test any SSL/TLS enabled and STARTTLS service, not only webservers at port 443
  • Toolbox: Several command line options help you to run YOUR test and configure YOUR output
  • Reliability: features are tested thoroughly
  • Verbosity: If a particular check cannot be performed because of a missing capability on your client side, you'll get a warning
  • Privacy: It's only you who sees the result, not a third party
  • Free and online: you do not need to install any software, the tool is implemented as a free online service.

Open ports and running services scanner

https://suip.biz/?act=nmap

This scan is performed by the famous Nmap program. This program will scan IP address or website address, show open ports and running services. You can specify multiple IPs, their range or one website address. But the maximum run time per session is 60 minutes and it can be reduced if the server is overloaded.

If you have specified only one site / IP address, then the results you will get pretty quickly. If you have specified a large range, it may take several minutes for the first results to be obtained.

The input field for ports can be left blank. Then in this case the most frequently used ports will be scanned. You can enter a single port, a range of ports through a dash, multiple ports or ranges separated by commas. Spaces do not need to be set, all symbols except digits, hyphens and commas are filtered.

You do not need to enter too large ranges or too many addresses, because scanning is done through Tor (i.e. slowly), and the maximum scan execution time is limited. If the scan does not finish within that time, it will be reset, and the results already received are lost.

Information Gathering

IP Information Gathering

https://suip.biz/?act=lookupip

Here you can enter the IP and get the following information:

  • country to which it is attached
  • city
  • geographical coordinates
  • company to which it is allocated (IPS)

You can also enter web site addresses and the same information will be displayed (if available).

IPv6 Information Gathering

https://suip.biz/?act=geoiplookup6

Here you can enter the IPv6 and get the following information:

  • country to which it is attached
  • city
  • geographical coordinates
  • company to which it is allocated (IPS)

You can also enter web site addresses and the same information will be displayed (if available and if the web site is using IPv6).

How to check my IP

Just visit the web page: https://suip.biz/?act=myip

You will see your IP and extra information about your location and Internet provider:

In addition, you can get to know your IP in command line:

curl suip.biz/ip/

IP or Websites Information Gathering (WhoIs)

https://suip.biz/?act=whois

Here you can find out whois information about IP and site addresses (domains). Whois information very often contains information about the range to which the IP belongs, about the company to which the IP belongs, information for contacting the contact person (phone numbers, e-mail addresses, postal addresses). Information about domain names (about sites) includes name, phone numbers, postal and email addresses of the site owner. Sometimes the information is hidden.

Determine CMS of Websites

https://suip.biz/?act=whatweb

If you wonder what CMS and web technologies a web site uses, you can

Here, with whatweb, you will see such information about websites as:

  • server response status code
  • country of site location
  • content management system
  • used technologies
  • server and PHP versions
  • some other information

WebApp Information Gatherer

https://suip.biz/?act=wig

This is a web application information gathering tool, which can identify numerous Content Management Systems and other administrative applications. The scanning requires time. Please wait for a while. Powered by Wig.

Here, using the wig program, you can collect such information about the site as:

  • CMS type and version
  • The used platform (OS and software)
  • Interesting files on the site
  • Subdomains
  • List of tools for further research on this site
  • Search for known vulnerabilities for this site

Domain names typos and variations

https://suip.biz/?act=urlcrazy

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

Registration of similar domain names is one of the stages of phishing attacks, social engineering. If for a site of your company, your site are registered similar domain names, and these web sites have similar to adjacency design, it is an obvious sign of attempt to mislead users.

For a similar domain name you can get a valid SSL certificate, which is even more capable of confusing site visitors and recipients of e-mail.

Web sites on a single IP

https://suip.biz/?act=hostmap

This online free service discovers hostnames that resolve to the target's IP address. Here you can find hostnames that resolve to the target's IP address (web sites on a single IP).

Enter the domain name of the site or IP.

IP address of a web-site

https://suip.biz/?act=dig

This online free service discovers IP address of any web-site. Here you can find IP address of any web-site.

Trace URL's jumps across the rel links to obtain the last URL

https://suip.biz/?act=hoper

If you want to know where the link leads, which redirects through one or more redirects (for example, the so-called short links), then this service will help you. It will go through all the intermediate points and show you both the final destination and the entire path that you had to go through.

Images and Metadata

Geotagging

https://suip.biz/?act=locatepicture

Here you can find the location where a picture was taken.

Almost all phones and many digital cameras (if the setting is not disabled) add, along with other metainformation, the geographic location where the picture was taken.

These data are easily read and you can find out the location of the survey. ATTENTION: these data are easily replaced (spoofed), therefore information received from metadata (both on this and other services) can not be guaranteed to be true.

Many editors and web applications, when saving a photo, discard the GPS data, so it's useless to check photos from popular social networks (because the web application clamps them to save space).

List all metadata of a file

https://suip.biz/?act=mat

Metadata within a file can tell a lot about you. Cameras record data about when and where a picture was taken and what camera was used. Office documents like pdf or Office automatically add author and company information to documents and spreadsheets. Maybe you don't want to disclose this information on the web.

The service fully supports the following formats:

  • Portable Network Graphics (.png)
  • JPEG (.jpg, .jpeg, …)
  • TIFF (.tif, tiff, …)
  • Open Documents (.odt, .odx, .ods, …)
  • Office OpenXml (.docx, .pptx, .xlsx, …)
  • Portable Document Fileformat (.pdf)
  • Tape ARchives (.tar, .tar.bz2, …)
  • MPEG AUdio (.mp3, .mp2, .mp1, …)
  • Ogg Vorbis (.ogg, …)
  • Free Lossless Audio Codec (.flac)
  • Torrent (.torrent)

Web-site screenshots

https://suip.biz/?act=screenshot

Here you can make and immediately download a screenshot of the website. IMPORTANT: the address must be specified with the protocol. Examples of input:

Information about phone numbers

International Calling Codes and Area Codes

https://suip.biz/?act=phone3

Here you can find out the country, and sometimes the region (city) of a phone number. The more digits you enter, the more accurate the information will be. The minimum number of entered digits is one. All symbols except digits are filtered out.

Please note that you need to enter the number in the international format. For example, take the Russian number 89051432963. Its international format is 79051432963 (you do not need to enter a plus). Let's take another number 0944177914. This number can belong to several countries at once, because it is recorded in the internal format. Therefore, this is the wrong input format. Correct, for example, will be 66944177914

The names of countries and cities are displayed in English. The word "Cellular" means that the number belongs to the mobile communication. If nothing is found, then "nothing found" is displayed, which means that an incorrect number or number is entered in the wrong format (possibly in the internal format).

Getting Information on MAC Addresses

Determine the device manufacturer by MAC address

https://suip.biz/?act=mac

The MAC address, or as it is also called the hardware address, is the identifier of the network interface, i.e. unique for each device. The MAC address contains information that allows you to find out the manufacturer. It should be remembered that the MAC address can be changed, so there is no guarantee that the vendor is actually the one who is found in the database.

Enter the MAC address to find the device manufacturer.

You can enter full MAC addresses, as well as a part (the first octets). The register of the letters does not mattert.

IP Ranges Composing

All IP of locality (region, city)

https://suip.biz/?act=iploc

Enter the geographical name in English letters to get all the IPs attached to it. The register is not important.

All IP of any country

https://suip.biz/?act=ipcountry

To get all the IP addresses of a country, you need to enter the two-letter code (ISO 3166-1 alpha-2) of the state of interest.

All IP of ISPs

https://suip.biz/?act=ipintpr

Provide an IP belongs to a ISP or website address of a ISP.

Donation

Your donations can help to add new services. All services are free of charge, but it is still necessary to pay for the server. You can donate for renting a more powerful server, which lets to add new services and helps to avoid some issues concerned to lack of system resources.

https://suip.biz/?act=donation

How to help with translation

Thank you Yong for translation the service in Thai: suip.biz/th. By the way, if you like the service and you want to contribute via translation it to your language, please contact me here in the comment section – I will send you the set of string in English to translate.

Very cheap, but reliable VPS hosting

If you want to have your virtual private server (VPS) like I have, here is the link where I keep my one. The price started from $1.51. And for ~$7.55 you can have there:

  • 2 cores CPU
  • 2 GB RAM
  • 30 GB Disk SSD
  • 100 Mbit/s

It is fantastic!

Recommended for you:

32 Comments to Online Kali Linux programs (FREE)

  1. kris says:

    Thank you for the awesome recourses. I hope you continue to keep this maintained and still use Arch Linux =).

     

  2. james says:

    Hi , the WordPress black box scan isn’t working , thought I would let you know 

    • Alex says:

      Hello! Thanks a lot for your report!

      I investigated the problem, everything is working as it should, except WPScan.

      On the server it fails with the error:

      [FATAL] failed to allocate memory

      Evidently, the web server is out of resources. In the developing environment it works well.

      Since I have no budget to upgrade my hosting tariff plan, so we have two options:

      • wait for the next WPScan release with hope it will reduce RAM consumption
      • wait for I have more free time and try some optimization (disable some options of WPScan scanning, for example)
  3. Alex says:

    Server hardware upgrade

    Good news everyone: added one more processor core (became 3) and one more gigabyte of RAM (became also 3), plus the swap file added yesterday.

    As a result, now:

    • services should run a little faster
    • there should be a minimum of dropped tasks - the server itself monitors its workload and if resources are at the limit, then it simply resets all active tasks (this is in addition to the timeouts of each task). Probably, this happened quite often with a large number of simultaneous visitors. Now this should happen much less frequently (usually there is not enough RAM, and now it is abundant)

    If you want to have your virtual private server (VPS) like I have, here is the link where I keep my one. The price started from $1.51. And for ~$7.55 you can have there:

    • 2 cores CPU
    • 2 GB RAM
    • 30 GB Disk SSD
    • 100 Mbit/s

    It is fantastic!

  4. anon says:

    Hey, so "amass" is not working since some time now, can you take a look at it?
    (https://suip.biz/?act=amass)

    Thanks, and keep up the good work!

  5. Mormon says:

    Any chance we could get update to 3.7.9 wpscan? Thanks

  6. aseed says:

    Hello Alex instead of Amass add assetfinder and add some arguments in sqlmap

  7. Hans says:

    Are you updating tools?(Amass,Subfinder,Findomain,Wpscan,SQLMAP vs)

  8. siprajan says:

    http://hd.tamilanda.net/album/kulirudha-pulla-oththa-seruppu-2019/

    bypassing social content locker doesn't work

  9. Cihan says:

    amass dont work.can you amass update?

  10. Mark says:

    Hi,

    Your online scanners do not seem to work with Tor-Browser.

    I get a blank screen after every submit.

    Thought i let you know.

  11. Tim says:

    Hi Thanks for the tools they are very helpful.

    Can i ask if someone uses a DNS wildcard entry is the subdomain ip adress correct or could it be changed manually from the hosting site to hide the real IP?

    Thank you

    Tim

    • Alex says:

      Hello! Sorry, I don't understand what exactly you are asking.

      If you want to use wildcard DNS records and DNS records for subdomains at the same time, then this is possible. First of all, DNS records will be used by exact match with the domain name, if they are not found, then DNS with wildcards will be used.

  12. Tommy says:

    Can you please add a tool to find xss and another for subdomain takeovers?

  13. JOY says:

    SUB DOMAIN LOOKUP NOT WORK  FROM FEW DAY AGO

  14. Alex says:

    New services with IPv6 support:

  15. aaaaa says:

    Hi Alex,

    Thank you very much for your resources.

    Can you please explain what data you use for "domainiphistory"?

    I can't find data anywhere else besides SecurityTrials and I need an alternative source.

    Thank you.

Leave a Reply

Your email address will not be published. Required fields are marked *