Thanks to everyone for the good input. I was sure that I was not the
first person to encounter a need for this.
Thanks again,
Jimi
At 2:59 PM +0200 10/17/03, Lluis Mora wrote:
>Hi Jimi,
>
>Perhaps you might want to try DIRB (http://www.t0s.org/), it performs a
>dictionary attack searching for directories on webservers. It has a few
>predefined dictionaries that work pretty well, although it is easily
>customizable.
>
>Cheers,
>
>Lluis
>.
>
>> -----Original Message-----
>> From: Jimi Thompson [mailto:jimit_at_myrealbox.com]
>> Sent: Tuesday, October 14, 2003 4:35 AM
>> To: webappsec_at_securityfocus.com
>> Subject: Web App URL Scanner
>>
>>
>> All,
>>
>> I'm currently seeking some software that will test all possible URL's
>> on an web application, much like a dictionary attack against a
>> password. I could probably write it but I'd rather just download
>> something if I can. I'd like to see if I'm able to discover URL's
>> that aren't normally accessible. If anyone has ideas, I'd be
>> grateful.
>>
>> Thanks,
>>
>> Ms. Jimi Thompson, CISSP
>>
>>
Received on Oct 17 2003
Intro
