Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.
Arachni is smart, it trains itself by learning from the HTTP responses it receives during the audit process.
Unlike other scanners, Arachni takes into account the dynamic nature of web applications and can detect changes caused while travelling
through the paths of a web application's cyclomatic complexity.
This way attack/input vectors that would otherwise be undetectable by non-humans are seamlessly handled by Arachni.
Arachni require ruby 1.9.2
I reccommend install ruby 1.9.2 through RVM.
To install rvm :
wget http://rvm.beginrescueend.com/releases/rvm-install-head
chmod +x rvm-install-head
./rvm-install-head
Then add following line below to ~/.bashrc
# This is a good place to source rvm v v v
[[ -s "$HOME/.rvm/scripts/rvm" ]] && source "$HOME/.rvm/scripts/rvm"
^^
This loads RVM into a shell session.
close terminal and then open new terminal
Then switch to ruby 1.9.2 :
rvm install 1.9.2
rvm install 1.9.2-head
To install arachni :
gem install arachni
In order to see everything Arachni has to offer execute:
arachni -h
You can simply run Arachni like so :
arachni http://www.xxx.com
More details about arachni :
https://github.com/Zapotek/arachni
See YoU