Penetration Testing mailing list archives
RE: https web crawler
From: "Erin Carroll" <amoeba () amoebazone com>
Date: Sun, 17 Sep 2006 12:56:48 -0700
Since you're using Sam Spade I assume you prefer windows-based tools. Nikto can run on Windows but the SSL functionality is problematic. It requires ActiveState's Net::SSL module and still might not work. It has been a while since I last checked so there may be a workaround now. An alternative is Wikto in conjunction with HTTPrint and HTTrack plugins. The 3 combined allow for google mining (with a valid API key), site mirroring, and a lot of similar functionality to what you were using Sam Spade for: www.sensepost.com/research/wikto/ -- Erin Carroll Moderator SecurityFocus pen-test list "Do Not Taunt Happy-Fun Ball"
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Ezequiel Sallis Sent: Sunday, September 17, 2006 8:49 AM To: Leece, Doug Cc: pen-test () securityfocus com Subject: Re: https web crawler Hi, you can try: Paros Proxy www.parosproxy.org Nikto www.cirt.net/code/nikto.shtml bye Ezequiel M.Sallis CISSP/NSP Leece, Doug wrote:Hello, I have used Sam Spade quite a few times to find little nuggets in the html code. Does anyone know of a better tool like that or one that does something similar for https sites? Strictly to do foot printing at this point not actually faking out form values or anything likethat.Thanks in advance, ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php -------------------------------------------------------------------------- Ezequiel M.Sallis CISSP/NSP (Certified Information System Security Professional) Information Security Specialist ----------------------------------------------------------------------- - This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ----------------------------------------------------------------------- -
------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------
Current thread:
- https web crawler Leece, Doug (Sep 16)
- Re: https web crawler Ezequiel Sallis (Sep 17)
- RE: https web crawler Erin Carroll (Sep 17)
- Re: https web crawler Morning Wood (Sep 18)
- RE: https web crawler Erin Carroll (Sep 17)
- Re: https web crawler Rogan Dawes (Sep 18)
- Re: https web crawler Brian Porter (Sep 18)
- Re: https web crawler Nick Besant (Sep 19)
- <Possible follow-ups>
- Re: Re: https web crawler toggmeister (Sep 17)
- Re: https web crawler Ezequiel Sallis (Sep 17)