Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: RE: Web App URL Scanner

RE: Web App URL Scanner

From: Lluis Mora <llmora_at_sentryware.com>
Date: Fri, 17 Oct 2003 14:59:58 +0200

Hi Jimi,

Perhaps you might want to try DIRB (http://www.t0s.org/), it performs a
dictionary attack searching for directories on webservers. It has a few
predefined dictionaries that work pretty well, although it is easily
customizable.

Cheers,

Lluis
.

> -----Original Message-----
> From: Jimi Thompson [mailto:jimit_at_myrealbox.com]
> Sent: Tuesday, October 14, 2003 4:35 AM
> To: webappsec_at_securityfocus.com
> Subject: Web App URL Scanner
>
>
> All,
>
> I'm currently seeking some software that will test all possible URL's
> on an web application, much like a dictionary attack against a
> password. I could probably write it but I'd rather just download
> something if I can. I'd like to see if I'm able to discover URL's
> that aren't normally accessible. If anyone has ideas, I'd be
> grateful.
>
> Thanks,
>
> Ms. Jimi Thompson, CISSP
>
>
Received on Oct 17 2003

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]