Penetration Testing mailing list archives

RE: https web crawler

From: "Erin Carroll" <amoeba () amoebazone com>
Date: Sun, 17 Sep 2006 12:56:48 -0700

Since you're using Sam Spade I assume you prefer windows-based tools. Nikto
can run on Windows but the SSL functionality is problematic. It requires
ActiveState's Net::SSL module and still might not work. It has been a while
since I last checked so there may be a workaround now.

An alternative is Wikto in conjunction with HTTPrint and HTTrack plugins.
The 3 combined allow for google mining (with a valid API key), site
mirroring, and a lot of similar functionality to what you were using Sam
Spade for: www.sensepost.com/research/wikto/

--
Erin Carroll
Moderator
SecurityFocus pen-test list
"Do Not Taunt Happy-Fun Ball"

-----Original Message-----
From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com] On Behalf Of Ezequiel Sallis
Sent: Sunday, September 17, 2006 8:49 AM
To: Leece, Doug
Cc: pen-test () securityfocus com
Subject: Re: https web crawler

Hi, you can try:


Paros Proxy www.parosproxy.org
Nikto www.cirt.net/code/nikto.shtml

bye

Ezequiel M.Sallis CISSP/NSP




Leece, Doug wrote:

Hello,

I have used Sam Spade quite a few times to find little nuggets in the
html code. Does anyone know of a better tool like that or one that
does something similar for https sites? Strictly to do foot printing
at this point not actually faking out form values or anything like

that.


Thanks in advance,



---------------------------------------------------------------------

--
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
---------------------------------------------------------------------

--


--


               Ezequiel M.Sallis CISSP/NSP

                     (Certified Information System Security
Professional)

              Information Security Specialist






-----------------------------------------------------------------------
-
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
-----------------------------------------------------------------------
-




------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------

Current thread:

https web crawler Leece, Doug (Sep 16)
- Re: https web crawler Ezequiel Sallis (Sep 17)
  - RE: https web crawler Erin Carroll (Sep 17)
    - Re: https web crawler Morning Wood (Sep 18)
- Re: https web crawler Rogan Dawes (Sep 18)
- Re: https web crawler Brian Porter (Sep 18)
- Re: https web crawler Nick Besant (Sep 19)
- <Possible follow-ups>
- Re: Re: https web crawler toggmeister (Sep 17)