Penetration Testing mailing list archives

Re: Finding non referenced web directories / pages

From: Michael Katz <mike () procinct com>
Date: Thu, 14 Mar 2002 12:51:23 -0800

At 3/12/2002 01:41 AM, helmut schmidt wrote:

Does anyone have opinions on which are the best tools/scripts areavailable to test for the existence of hidden (or non-referenced) webdirectories and web pages.
For example finding a directory http://www.xxx.com/admin
and hidden web page http://www.xxx.com/admin/admin.asp etc

The whisker tool (v1.4) from Rain Forest Puppy has a fairly extensive listof directories for which it scans. Download the package fromhttp://www.wiretrip.net/rfp/p/doc.asp/i2/d21.htm and take a look at thescan.db file.


Michael Katz
mike () procinct com
Procinct Security


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

Finding non referenced web directories / pages helmut schmidt (Mar 12)
- Re: Finding non referenced web directories / pages Michael Katz (Mar 15)