WebApp Sec mailing list archives

Re: Website "Scanner"

From: Martin Eiszner <martin () websec org>
Date: Fri, 10 Jan 2003 08:23:32 +0100



hola,

On Thu, 09 Jan 2003 13:57:14 +0100
Javier Fernandez-Sanguino <jfernandez () germinus com> wrote:

---*---

the number of requests you are going to make are quite high (and 
increase exponentially). Maybe it would be better to try to first index 
the site (spider like), and then attempt to retrieve "mutated" 
filenames. For example, if you see index.html try: index.html.old, 
index.html.bak...


---*---

you can find a nice and flexible extension-brute-forcer here:

http://www.websec.org/tools/extensions_pl.html 

with a simple config-file here:

http://www.websec.org/tools/extensions.txt

nice day,


MeI






-- 
WebSec.org / Martin Eiszner
Gurkgasse 49/Top14
1140 Vienna
Austria / EUROPE

mei () websec org
http://www.websec.org
tel: 0043 699 121772 37

Current thread:

Website "Scanner" backed . up . by . 2048 . bit . encryption (Jan 08)
- Re: Website "Scanner" Kevin Spett (Jan 08)
  - Re: Website "Scanner" Dave Aitel (Jan 08)
- Re: Website "Scanner" sullo (Jan 08)
  - Re: Website "Scanner" Javier Fernandez-Sanguino (Jan 09)
    - Re: Website "Scanner" Martin Eiszner (Jan 11)
- RE: Website "Scanner" Nelson Sampaio Araujo Junior (Jan 08)
- Re: Website "Scanner" Chris Reining (Jan 08)
- Re: Website "Scanner" Nicolas Waisman (Jan 11)
- <Possible follow-ups>
- RE: Website "Scanner" Chris Neppes (Jan 08)
- RE: Website "Scanner" Zimin, Alex (Jan 08)
- Re: Website "Scanner" Joris De Donder (Jan 08)
- RE: Website "Scanner" backed . up . by . 2048 . bit . encryption (Jan 08)
  - RE: Website "Scanner" glyng (Jan 08)
    - Re: Website "Scanner" Kurt Seifried (Jan 08)
    - Re: Website "Scanner" sullo (Jan 09)

(Thread continues...)