Penetration Testing mailing list archives
Re: spider web scanner
From: Dan Crowley <dcrowley () coresecurity com>
Date: Mon, 20 Dec 2010 10:14:59 -0500
Skipfish has been my preferred web vulnerability scanner as of late. It's free, does the spidering for you, and will do some brute forcing to find hidden directories with easily guessed names. Just make sure you either run it against a test server or throttle it. Most people find that skipfish with default settings also works nicely as a DDoS tool against most web servers which aren't high-performance or sitting behind load balancers. ;) On 12/17/2010 2:13 AM, modversion wrote:
hi list: Anybody could suggest a web scanner with the following functions: 1.It could import many domain and subdomain for scan. 2.Acting as a spider could find subdomain and directory. 3.support customs url check which can work with spidered result thanks in advanced! ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- spider web scanner modversion (Dec 17)
- Re: spider web scanner Adrian J Milanoski (Dec 19)
- Re: spider web scanner Dan Crowley (Dec 21)
- Re: spider web scanner Archangel Amael (Dec 21)