Juan Kinunt wrote:
> Hi,
>
> I would like to know if anyone knows a tool that first spiders the web
> in order to enumerate al files and scripts it detects and then look
> for this same files but with another extension. For example, first
> spiders the web and enumerate:
>
> index.php
> news.php
> cart.php
>
> And then looks for index.php.bak, index.php.inc, index.php~,
> index.bak, index.old, etc.
>
Check out bakfiles.nasl which is a part of the Nessus scanner. It
should be very close to what you're looking for (and maybe even a few
that you don't list above)
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
> Hi,
>
> I would like to know if anyone knows a tool that first spiders the web
> in order to enumerate al files and scripts it detects and then look
> for this same files but with another extension. For example, first
> spiders the web and enumerate:
>
> index.php
> news.php
> cart.php
>
> And then looks for index.php.bak, index.php.inc, index.php~,
> index.bak, index.old, etc.
>
Check out bakfiles.nasl which is a part of the Nessus scanner. It
should be very close to what you're looking for (and maybe even a few
that you don't list above)
John
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
[ reply ]