D-TECT is a penetration testing tool that can be used for information gathering and finding vulnerabilities in web applications. The tasks that can be performed with D-TECT tool include subdomains enumeration, ports scanning, WordPress scanning, same site scripting detection, and vulnerabilities assessment. The types of vulnerabilities that can be detected with the help of D-TECT tool include Cross Site Scripting (XSS), SQL injection, Click Jacking, headers misconfigurations, and detection of sensitive files. The WordPress scanning covers WordPress CMS detection, users’ enumeration, and finding WordPress backup files.
D-TECT is a Python tool that requires Python 2.7 to operate. The tool can be cloned from Github using the following command.
git clone https://github.com/shawarkhanethicalhacker/D-TECT-1
D-TECT depends on Colorama and BeautifulSoup modules. Although both modules are included in the downloaded (cloned) D-TECT package, they can be installed separately using the following command.
pip install colorama beautifulsoup
How D-TECT Works
The following command opens the tool’s menu, showing all the scanning functionalities of the tool.
Select the desired scanning function (module) by selecting its sequence number. For instance, we can look for sensitive web application files by typing the sequence number of sensitive file detector (i-e #2) in the terminal. The tool asks for the target web host to proceed with the scanning process. Upon providing the host address, D-TECT pings the target host to confirm its availability. If the target host is down or unavailable, the scanning process stops. However, if the target domain is up, D-TECT gathers some useful information about the target before moving on to the actual task, i-e finding sensitive files. The information includes target IP address, URL redirects, backend server information, and header information. If the X-Frame-Options header is missing, the tool generates a warning message, indicating the possibility of Click jacking vulnerability in the target host.
After gathering the above information, D-TECT performs the actual task of looking for sensitive files related to the target web application. If any files containing sensitive data are found, they are listed in the search results as shown in the following screenshot.
The D-TECT port scanner module can scan single port, ports range, or all the ports (from 20 to 5000) of target web applications.
Once the desired port scanning option is provided, the tool checks the status of the port and the service associated with the ports.
The subdomain enumeration module lists all the subdomains, nameservers, IP addresses, and the vulnerabilities associated with each subdomain.
The SQL vulnerability scanner requires the target web application link containing the parameters. The tool injects random payloads to see if the target web application is vulnerable to SQL injection. If the parameters in the target web links are vulnerable to SQL injection, D-TECT displays results as shown in the following screenshot.
WordPress scanning is another important feature of D-TECT tool. The tool can enumerate WordPress users, backup files, and other useful information as shown in the following screenshot.
D-TECT tool can be used during reconnaissance and scanning phases of penetration testing. The tool can detect critical vulnerabilities in target web applications including cross-site scripting and database injections.