Vulnerability Development mailing list archives

Re: Suggestion for new program: NT-Hackable scanner based on modules

From: spi <securityguru () earthlink net>
Date: Sun, 11 Mar 2001 19:54:18 -0500

Check out webinspect by www.spidynamics.com, it checks for nothing but web
based
vulnerabilities.. including cgi scans and application security issues
there are no modules in the product but you can add your own checks easily

----- Original Message -----
From: "Steve" <steve () SECURESOLUTIONS ORG>
To: <VULN-DEV () SECURITYFOCUS COM>
Sent: Sunday, March 11, 2001 12:05 PM
Subject: Re: Suggestion for new program: NT-Hackable scanner based on
modules

For a couple good general CGI Scanners check out Whisker at
www.wiretrip.net/rfp or check out VLAD, which also checks for the rest of
the SANS Top 10 List at http://razor.bindview.com/tools


-Steve

-----Original Message-----
From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM]On Behalf Of
Mattias Berge
Sent: Sunday, March 11, 2001 7:23 AM
To: VULN-DEV () SECURITYFOCUS COM
Subject: Re: Suggestion for new program: NT-Hackable scanner based on
modules


I wrote a IIS scanner wich tried +120 cgi exploits and 14 remote
file parsing.
The idea with 14 remote file parsing is _taken_ from a perl
script I found on packetstorm.

----- Original Message -----
From: "DeathLoad TP" <nickstakenburg () HOME NL>
To: <VULN-DEV () SECURITYFOCUS COM>
Sent: Friday, March 09, 2001 7:21 PM
Subject: Suggestion for new program: NT-Hackable scanner based on

modules

Current thread:

Suggestion for new program: NT-Hackable scanner based on modules DeathLoad TP (Mar 09)
- Re: Suggestion for new program: NT-Hackable scanner based on modules Mattias Berge (Mar 11)
  - Re: Suggestion for new program: NT-Hackable scanner based on modules Steve (Mar 11)
    - Re: Suggestion for new program: NT-Hackable scanner based on modules spi (Mar 11)