- Launch Web Cruiser apps and wait till the main windows appears
2. Enter the URL that will be scanned, this example we use http://10.0.0.2/goodshopping where 10.0.0.2 is the server of the host machine where the website is hosted. Click ‘ Scan Site ‘ to start the scanning
3. If a software disclaimer pop-up appears, click OK to proceed
4. The scanning start with URL scan, but it also show the vulnerabilities as well as the site structure as seen in the screenshoot
5. Try to right click each of the vulnerabilities, then click SQL Injection POC which is Proof of Concept
5. It will launch the SQL Injection then click ‘ Get Environment Information ‘
6. It shows information about environments which the site is hosted. By collecting vulnerabilities information, attacker can simulate exploitation to hack a web application to gain unauthorized information.