PaulDotCom mailing list archives
Re: Looking for web app signatures for Nmap
From: Adrien de Beaupre <adriendb () gmail com>
Date: Fri, 5 Nov 2010 10:16:26 -0400
On Thu, Nov 4, 2010 at 2:51 PM, Tyler Oderkirk <tyl.erod.e.rkirk () gmail com> wrote:
On Wed, Nov 3, 2010 at 3:58 PM, Ron <ron () skullsecurity net> wrote:I'm trying to build a fingerprint database of common web applications for Nmap [...]Hi Ron, Take a look at the WhatWeb scanner by urbanadventurer aka Andrew Horton: http://www.morningstarsecurity.com/research/whatweb Its written in Ruby and claims to "identify content management systems (CMS), blogging platforms, stats/analytics packages, javascript libraries, servers and more". It includes "over 250 plugins" aka "fingerprints".
Hi Ron, there is also blindelephant: http://blindelephant.sourceforge.net/ "The BlindElephant Web Application Fingerprinter attempts to discover the version of a (known) web application by comparing static files at known locations against precomputed hashes for versions of those files in all all available releases. The technique is fast, low-bandwidth, non-invasive, generic, and highly automatable." By Patrick Thomas. Patrick gave a talk at SecTor.ca recently. Cheers, Adrien de Beaupre _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Looking for web app signatures for Nmap Ron (Nov 03)
- Re: Looking for web app signatures for Nmap Tyler Oderkirk (Nov 05)
- Re: Looking for web app signatures for Nmap Adrien de Beaupre (Nov 05)
- Re: Looking for web app signatures for Nmap Tyler Oderkirk (Nov 05)