Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: RE: Web App URL Scanner

RE: Web App URL Scanner

From: Mark Parter <m-parter_at_fife.ac.uk>
Date: Tue, 14 Oct 2003 12:06:59 +0100

Hi,

You could try a Perl script called Nikto. This doesn't necessarily return all direcotries at a specific website but it will return any that it thinks are vulnerable to attack and/or shouldn't be available to the general public. See here for more info: http://www.cirt.net/code/nikto.shtml

Maybe not exactly what your looking for but it's a start.

HTH,

Mark Parter

-----Original Message-----
From: Jimi Thompson [mailto:jimit_at_myrealbox.com]
Sent: 14 October 2003 03:35
To: webappsec_at_securityfocus.com
Subject: Web App URL Scanner[Scanned]

All,

I'm currently seeking some software that will test all possible URL's
on an web application, much like a dictionary attack against a
password. I could probably write it but I'd rather just download
something if I can. I'd like to see if I'm able to discover URL's
that aren't normally accessible. If anyone has ideas, I'd be
grateful.

Thanks,

Ms. Jimi Thompson, CISSP
Received on Oct 14 2003

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]