On Tue, Jun 30, 2009 at 11:16 PM, Nikhil
Wagholikar<visitnikhil (at) gmail (dot) com [email concealed]> wrote:
> Hello Juan Kinunt,
>
> May be you can have a look at 'IntelliTamper'.
>
> IntelliTamper is able to scan a website for unlisted files and folders
> with a dictionary based scan.
>
> More Info: http://www.intellitamper.com/
> Or Email to : tamper (at) engineer (dot) com [email concealed]
>
> Hope this helps!!
>
> ---
> Nikhil Wagholikar
> Practice Lead | Security Assessments & Digital Forensics
> Network Intelligence (India) Pvt. Ltd. [NII Consulting]
> Web: http://www.niiconsulting.com/
> Comprehensive Information Security Training
> http://iisecurity.in/training.html
>
> 2009/6/30 Juan Kinunt <kinunt (at) gmail (dot) com [email concealed]>
>>
>> Hi,
>>
>> I would like to know if anyone knows a tool that first spiders the web
>> in order to enumerate al files and scripts it detects and then look
>> for this same files but with another extension. For example, first
>> spiders the web and enumerate:
>>
>> index.php
>> news.php
>> cart.php
>>
>> And then looks for index.php.bak, index.php.inc, index.php~,
>> index.bak, index.old, etc.
>>
>> This tool will be useful supossing that programmers tend to change the
>> extension of the file to store old files.
>>
>> I know Nikto, Wikto, etc... but this tools look for predefined files
>> and I would like to target already existing files but with different
>> extension.
>>
>> If the tool does not exist I'll try to code something.
>>
>> Thanks.
>>
>> ------------------------------------------------------------------------
>> This list is sponsored by: Information Assurance Certification Review Board
>>
>> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>>
>> http://www.iacertification.org
>> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.milw0rm.com/search.php?dong=intellitamper
On Tue, Jun 30, 2009 at 11:16 PM, Nikhil
Wagholikar<visitnikhil (at) gmail (dot) com [email concealed]> wrote:
> Hello Juan Kinunt,
>
> May be you can have a look at 'IntelliTamper'.
>
> IntelliTamper is able to scan a website for unlisted files and folders
> with a dictionary based scan.
>
> More Info: http://www.intellitamper.com/
> Or Email to : tamper (at) engineer (dot) com [email concealed]
>
> Hope this helps!!
>
> ---
> Nikhil Wagholikar
> Practice Lead | Security Assessments & Digital Forensics
> Network Intelligence (India) Pvt. Ltd. [NII Consulting]
> Web: http://www.niiconsulting.com/
> Comprehensive Information Security Training
> http://iisecurity.in/training.html
>
> 2009/6/30 Juan Kinunt <kinunt (at) gmail (dot) com [email concealed]>
>>
>> Hi,
>>
>> I would like to know if anyone knows a tool that first spiders the web
>> in order to enumerate al files and scripts it detects and then look
>> for this same files but with another extension. For example, first
>> spiders the web and enumerate:
>>
>> index.php
>> news.php
>> cart.php
>>
>> And then looks for index.php.bak, index.php.inc, index.php~,
>> index.bak, index.old, etc.
>>
>> This tool will be useful supossing that programmers tend to change the
>> extension of the file to store old files.
>>
>> I know Nikto, Wikto, etc... but this tools look for predefined files
>> and I would like to target already existing files but with different
>> extension.
>>
>> If the tool does not exist I'll try to code something.
>>
>> Thanks.
>>
>> ------------------------------------------------------------------------
>> This list is sponsored by: Information Assurance Certification Review Board
>>
>> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>>
>> http://www.iacertification.org
>> ------------------------------------------------------------------------
>>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------
>
>
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
[ reply ]