Hi,
Wikto is the perfect tool for this kind of job
http://www.sensepost.com
-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of Juan Kinunt
Sent: Tuesday, June 30, 2009 3:47 PM
To: pen-test (at) securityfocus (dot) com [email concealed]
Subject: Scanner for old files (.bak, ~, .old, etc.)
Hi,
I would like to know if anyone knows a tool that first spiders the web
in order to enumerate al files and scripts it detects and then look
for this same files but with another extension. For example, first
spiders the web and enumerate:
index.php
news.php
cart.php
And then looks for index.php.bak, index.php.inc, index.php~,
index.bak, index.old, etc.
This tool will be useful supossing that programmers tend to change the
extension of the file to store old files.
I know Nikto, Wikto, etc... but this tools look for predefined files
and I would like to target already existing files but with different
extension.
If the tool does not exist I'll try to code something.
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
Wikto is the perfect tool for this kind of job
http://www.sensepost.com
-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of Juan Kinunt
Sent: Tuesday, June 30, 2009 3:47 PM
To: pen-test (at) securityfocus (dot) com [email concealed]
Subject: Scanner for old files (.bak, ~, .old, etc.)
Hi,
I would like to know if anyone knows a tool that first spiders the web
in order to enumerate al files and scripts it detects and then look
for this same files but with another extension. For example, first
spiders the web and enumerate:
index.php
news.php
cart.php
And then looks for index.php.bak, index.php.inc, index.php~,
index.bak, index.old, etc.
This tool will be useful supossing that programmers tend to change the
extension of the file to store old files.
I know Nikto, Wikto, etc... but this tools look for predefined files
and I would like to target already existing files but with different
extension.
If the tool does not exist I'll try to code something.
Thanks.
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
[ reply ]