Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Updates to http-enum.nse

From: Fyodor <fyodor () insecure org>
Date: Sat, 22 Aug 2009 14:53:03 -0700
On Sat, Aug 22, 2009 at 11:36:10AM -0500, Ron wrote:

On 08/22/2009 11:31 AM, Ron wrote:

Found it: DirBuster.

http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project

I don't it's worthwhile including their database, though, just 
supporting it. Their smallest list is over 80,000 entries. :)


I agree with not including it (doesn't seem to exaclty meet our
needs), but the lists are frequency sorted so you can easily get small
lists such as top 500 or top 1000.

Also, they generated username lists by looking for ~username during
their spidering.  That sort of technique could be useful for ncrack
and the NSE userlists too.

A key aspect of these lists is that they generated them from large
scale web spidering.  We may want to do our own big web spidering
project at some point to generate data useful for Nmap.  We've already
got a start with Brandon's favicon spider.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: