<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

WebApp Sec: Re: Website "Scanner"

Re: Website "Scanner"

From: Martin Eiszner <martin_at_websec.org>
Date: Fri, 10 Jan 2003 08:23:32 +0100

hola,

On Thu, 09 Jan 2003 13:57:14 +0100
Javier Fernandez-Sanguino <jfernandez_at_germinus.com> wrote:

---*---

> the number of requests you are going to make are quite high (and
> increase exponentially). Maybe it would be better to try to first index
> the site (spider like), and then attempt to retrieve "mutated"
> filenames. For example, if you see index.html try: index.html.old,
> index.html.bak...

---*---

you can find a nice and flexible extension-brute-forcer here:

http://www.websec.org/tools/extensions_pl.html

with a simple config-file here:

http://www.websec.org/tools/extensions.txt

nice day,

MeI

-- 
WebSec.org / Martin Eiszner
Gurkgasse 49/Top14
1140 Vienna
Austria / EUROPE
mei_at_websec.org
http://www.websec.org
tel: 0043 699 121772 37

Received on Jan 11 2003

This message: [ Message body ]
Next message: Nicolas Waisman: "Re: Website "Scanner""
Previous message: Todd Charron: "Re: Website "Scanner""
In reply to: Javier Fernandez-Sanguino: "Re: Website "Scanner""
Next in thread: Nelson Sampaio Araujo Junior: "RE: Website "Scanner""

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos