WebApp Sec mailing list archives

RE: Web App URL Scanner

From: "Mark Parter" <m-parter () fife ac uk>
Date: Tue, 14 Oct 2003 12:06:59 +0100

Hi,

You could try a Perl script called Nikto. This doesn't necessarily  return all direcotries at a specific website but it 
will return any that it thinks are vulnerable to attack and/or shouldn't be available to the general public. See here 
for more info: http://www.cirt.net/code/nikto.shtml

Maybe not exactly what your looking for but it's a start.

HTH,

Mark Parter

-----Original Message-----
From: Jimi Thompson [mailto:jimit () myrealbox com]
Sent: 14 October 2003 03:35
To: webappsec () securityfocus com
Subject: Web App URL Scanner[Scanned]


All,

I'm currently seeking some software that will test all possible URL's 
on an web application, much like a dictionary attack against a 
password.  I could probably write it but I'd rather just download 
something if I can.  I'd like to see if I'm able to discover URL's 
that aren't normally accessible.  If anyone has ideas, I'd be 
grateful.

Thanks,

Ms. Jimi Thompson, CISSP

Current thread:

Web App URL Scanner Jimi Thompson (Oct 14)
- RE: Web App URL Scanner roshen.chandran (Oct 14)
- Re: Web App URL Scanner Jon Hart (Oct 14)
- RE: Web App URL Scanner Lluis Mora (Oct 17)
  - RE: Web App URL Scanner Jimi Thompson (Oct 17)
- <Possible follow-ups>
- RE: Web App URL Scanner Mark Parter (Oct 14)
  - RE: Web App URL Scanner Brian Pomeroy (Oct 14)
- RE: Web App URL Scanner Dawes, Rogan (ZA - Johannesburg) (Oct 14)