Penetration Testing mailing list archives
Re: Scanner for old files (.bak, ~, .old, etc.)
From: "SD List" <list () security-database com>
Date: Wed, 1 Jul 2009 18:11:57 +0200 (CEST)
Hi, Definitively, a large number of tools and scanners are able to identify such files. Take a look here, we provide a list of tools (guyz in this list already enumerated the best) you may need (http://www.security-database.com/toolswatch/+-Application-Scanner-+.html) Cheers N.
checkout the metasploit wmap extension. it is exactly what you're looking for. 2009/6/30 Juan Kinunt <kinunt () gmail com>:Hi, I would like to know if anyone knows a tool that first spiders the web in order to enumerate al files and scripts it detects and then look for this same files but with another extension. For example, first spiders the web and enumerate: index.php news.php cart.php And then looks for index.php.bak, index.php.inc, index.php~, index.bak, index.old, etc. This tool will be useful supossing that programmers tend to change the extension of the file to store old files. I know Nikto, Wikto, etc... but this tools look for predefined files and I would like to target already existing files but with different extension. If the tool does not exist I'll try to code something. Thanks. ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: Scanner for old files (.bak, ~, .old, etc.) Robin Wood (Jul 02)
- <Possible follow-ups>
- RE: Scanner for old files (.bak, ~, .old, etc.) Tal Argoni (Jul 02)
- Re: Scanner for old files (.bak, ~, .old, etc.) Nikhil Wagholikar (Jul 02)
- Re: Scanner for old files (.bak, ~, .old, etc.) Jeremy Brown (Jul 02)
- Re: Scanner for old files (.bak, ~, .old, etc.) SD List (Jul 02)
- Re: Scanner for old files (.bak, ~, .old, etc.) Vedantam sekhar (Jul 17)