.:[ packet storm ]:.
                               
plan for the worst
plan for the worst

 Section:  .. / UNIX / cgi-scanners  /

Page 2 of 4
<< 1 2 3 4 >> Files 25 - 50 of 88
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: arirang-1.6beta.tar.gz
Description:
 Arirang is a powerful webserver security scanner with many features. Checks over 700 vulnerabilities. This is the OpenBSD/NetBSD/FreeBSD version.
Author:Pilot
Homepage:http://www.monkey.org/~pilot/arirang
File Size:52791
Last Modified:Jan 25 02:13:14 2002
MD5 Checksum:e5fbca4ae12308dd8edc11f675841488

 ///  File Name: screamingCobra-1.04.tar.gz
Description:
 ScreamingCobra is an application for remote vulnerability discovery in ANY UNKNOWN web applications such as CGIs and PHP pages. Simply put, it attempts to find vulnerabilities in all web applications on a host without knowing anything about the applications. Modern CGI scanners scan a host for CGIs with known vulnerabilities. ScreamingCobra is able to 'find' the actual vulnerabilities in ANY CGI, whether it has been discovered before or not.
Author:Samy Kamkar
Homepage:http://cobra.LucidX.com
Changes:Several bug fixes, support for adding attacking techiques and a Windows binary has been added.
File Size:414990
Last Modified:Jan 13 21:23:34 2002
MD5 Checksum:a36d646cb96a64a95f7aa2f5c07224e7

 ///  File Name: cgiaudit-1.0.tar.gz
Description:
 CGIAudit is a black-box debugging tool which automatically audits CGI entities with only an interface specification, the HTML form. Attack types that a CGI script or program become subject to are configurable, as well as server replies that denote a possible penetration success. Other features include a built-in spider, proxy support, and hexadecimal encoding of requests.
Author:S
File Size:69018
Last Modified:Jan 11 13:09:36 2002
MD5 Checksum:8a5e585d220f86b1b68363490dbefde2

 ///  File Name: arirang-1.6beta_other.tar.gz
Description:
 Arirang is a powerful webserver security scanner with many features. Checks over 700 vulnerabilities.
Author:Pilot
Homepage:http://www.monkey.org/~pilot/arirang
File Size:78723
Last Modified:Nov 20 00:16:09 2001
MD5 Checksum:7cc024a6125eff6e125d85586da5b5e2

 ///  File Name: unicode.db
Description:
 Unicode.db is an unicode/double-decode plugin for use with whisker.
Author:B-root
File Size:66683
Last Modified:Aug 30 01:39:09 2001
MD5 Checksum:c16ae80fc793c9cf7d86cf68439e3513

 ///  File Name: libwhisker-pr3.tgz
Description:
 Libwhisker is a perl module for performing whisker CGI vulnerability checks. This is a preview release.
Author:RFP
Homepage:http://www.wiretrip.net
File Size:21334
Last Modified:Jul 18 21:28:51 2001
MD5 Checksum:859aeb6d3a54ca680487199d965afd49

 ///  File Name: malice-7.0b.tar.gz
Description:
 Malice v7.0 beta is a perl CGI scanner with an updated CGI list. Includes many anti-IDS functions, IIS checks, and more.
Author:Natas
Changes:New anti-IDS techniques, updated CGI's, and IIS checks.
File Size:5462
Last Modified:Jul 11 03:52:15 2001
MD5 Checksum:24d2a43a74c2329edd48d1ee7722736b

 ///  File Name: Stealth-1.0-b23.zip
Description:
 Stealth HTTP Security Scanner 1.0 build 23 - Checks for 2967 http vulnerabilities. Run on Win32 and Linux under Wine. Free.
Author:Felipe Moniz
Changes:Added anti-redirect system, extended unicode test, and new holes.
File Size:368494
Last Modified:May 21 19:57:49 2001
MD5 Checksum:b27e344269b422127abc1550ebbdc8cc

 ///  File Name: cst1_3.tar.gz
Description:
 CST contains a script scanner, that scans using a database of scripts (user editable). The sample databases included contains +700 possibly vulnerable scripts/dirs. You can scan with or without a proxy server. The scanner has 11 different Anti-IDS tactics (hex-values, double slashes, self-reference dirs, parameter hiding and session splicing), and sends fake "X-Forwarded-For:", "Referer:" and "User-Agent:" headers to hide your scan even more. You can also specify a wait time between 2 script fetches. The scanner uses HEAD requests instead of GET for faster scanning, and has support for scanning virtual hosts. You can also specify another port to scan instead of the standard port 80. The scanner outputs the scripts/dirs that return a 200, 403 or 401 HTTP code and outputs the webserver software. A full and comprehensive manual is included.
Author:Toxic Ocean
Homepage:http://www.blackhat.be
File Size:21332
Last Modified:Apr 24 20:21:19 2001
MD5 Checksum:4956b51499007de6c31e5fd22699dbfe

 ///  File Name: cgichk_2.60.tar.gz
Description:
 Cgichk is a web vulnerability scanner which automatically searches for a series of interesting directories and files on a given site. Instead of focusing on vulnerable CGI scripts, it looks for interesting and/or hidden directories such as logs, testing, secret, scripts, stats, restricted, code, robots.txt, etc.
Author:Toby Deshane
Homepage:http://sourceforge.net/projects/cgichk/
Changes:Added PHP versions of old targets, a couple new targets, some new switches, and bug fixes.
File Size:15972
Last Modified:Apr 8 13:57:31 2001
MD5 Checksum:7356d93d0f8b19b226f84fc0e91da66f

 ///  File Name: cscan.pl
Description:
 Cscan is a CGI scanner in perl which reads vulnerabilities from a database.
Author:Iceburg
Homepage:Http://www.comstat.co.za
File Size:3738
Last Modified:Mar 9 19:59:54 2001
MD5 Checksum:74fcb0fc32b3b06a2b41639a85ddb391

 ///  File Name: twwwscan12.zip
Description:
 TWWWscan is a Windows based www vulnerability scanner which looks for 400 www/cgi vulnerabilities . Displays http header, server info, and tries for accurate results. Now features anti-IDS url encoding and passive mode scan. Tested on win95 osr2 win98,win98se,win nt4,win 2k/Me.
Author:Pilot
Homepage:http://search.iland.co.kr/twwwscan
Changes:Major update - Added virtual host scan, GET method, http request injection, blowfish support, and bug fixes.
File Size:354154
Last Modified:Feb 20 20:33:34 2001
MD5 Checksum:e2d407b2dd2b84f3ce234dd3cacebe61

 ///  File Name: mcgi.tar.gz
Description:
 Mass CGI scanner. From Guile Cool.
File Size:37746
Last Modified:Jan 25 02:40:26 2001
MD5 Checksum:771d290353c4888a83b230a32b6fb27f

 ///  File Name: flatline-0.75.tar.gz
Description:
 Flatline is a Web Server vulnerability scanner, beta version for linux, BSD. Options include mass host scanning, scanning through proxies, Detection evasion, quick banner grab scans, interactive mode to send specific url's. Also includes sample exploit database if a vulnerable file is found it will print a BugTraq ID or way to exploit the file. This is a semi beta release lots of new things to come.
Homepage:http://www.c1sco.net/flatline
File Size:6050
Last Modified:Jan 15 00:51:39 2001
MD5 Checksum:26277c6cc02b7186ba268a0b2ae46b3d

 ///  File Name: cgisec.txt
Description:
 PERL/CGI Hacking - What makes CGI scripts insecure and how to exploit them.
Author:Tonec.
File Size:37250
Last Modified:Jan 15 00:50:21 2001
MD5 Checksum:5649ad7dce8adccef9699054adbc31c0

 ///  File Name: pudding01.tar.gz
Description:
 Pudding is a proxy which recodes HTTP requests using most of RFP's IDS evasion encoding methods, plus random UTF-8 encoding support. Allows any web aware program/exploit/cgi-scanner to evade IDS without modification of the original code. Encoding methods include all uppercase, hex encoding, /./ directory insertion, fake parameters, premature URL endings, windows delimiters, and random UTF8 encoding.
Author:Roelof W Temmingh
Homepage:http://www.sensepost.com
File Size:6236
Last Modified:Jan 12 19:40:35 2001
MD5 Checksum:c59f537e8c2babca36afbce55c28089b

 ///  File Name: scowl_cgi.tar.gz
Description:
 Scowl_Cgi is a CGI scanner which allows you to easily add new bugs. Works very fast, using threads. Warns you, for hosts that return false positive answers. Freeware. Testing for more than 400 bugs.
Author:Melih Sarica
Homepage:http://www.bilgiteks.com/itt/tools
File Size:10333
Last Modified:Jan 5 21:20:46 2001
MD5 Checksum:49f294de71d4d33830100b67aefd7b5b

 ///  File Name: ummmm.c
Description:
 ummmm.c v2.1 is a URL obfuscation tool which converts something like /cgi-bin/some.cgi into %2f%63%67%69%2d%62%69%6e%2f%73%6f%6d%65%2e%63%67%69. It might be used in cgi scanners which require an input file with cgi requests.
Author:Incubus and R00T-dude
Homepage:http://securax.org/incubus
File Size:2105
Last Modified:Dec 26 19:32:10 2000
MD5 Checksum:b4046289bf986622f664bc3081dbca6e

 ///  File Name: twwwscan07.zip
Description:
 TWWWscan is a Windows based www vulnerability scanner which looks for 300 www/cgi vulnerabilities . Displays http header, server info, and tries for accurate results. Now features anti-IDS url encoding and passive mode scan. Tested on win95 osr2 win98,win98se,win nt4,win 2k/Me.
Author:Pilot
Homepage:http://search.iland.co.kr/twwwscan
Changes:Includes NT/2000 IIS detailed patch information, CVE information support, and report support.
File Size:130478
Last Modified:Dec 26 02:18:29 2000
MD5 Checksum:0883ee41c038940fa7658a29397d5722

 ///  File Name: cgichk_2.50.tar.gz
Description:
 Cgichk is a web vulnerability scanner which automatically searches for a series of interesting directories and files on a given site. Instead of focusing on vulnerable CGI scripts, it looks for interesting and/or hidden directories such as logs, testing, secret, scripts, stats, restricted, code, robots.txt, etc.
Author:Toby Deshane
Homepage:http://sourceforge.net/projects/cgichk/
Changes:This version is a somewhat major code rewrite. HTTP requests were fixed (most sites work correctly now). HTTP proxy support was added. User agent identification was added. URL parsing code was rewritten. A couple more targets were added.
File Size:14377
Last Modified:Dec 19 13:17:54 2000
MD5 Checksum:0398cb2d6bc5f49434da8cff6981e846

 ///  File Name: twwwscan06.zip
Description:
 TWWWscan is a Windows based www vulnerability scanner which looks for 300 www/cgi vulnerabilities . Displays http header, server info, and tries for accurate results. Now features anti-IDS url encoding and passive mode scan. Tested on win95 osr2 win98,win98se,win nt4,win 2k/Me.
Author:TSS
Homepage:http://search.iland.co.kr/twwwscan
Changes:Redhat 7 webserver detection patch, Internet Information Server Sample Directory and file Search Scan-iissample, Netscape Enterprise Server Vulnerability Scan-nesscan, and Detail Windows NT/2k Patch Information.
File Size:120338
Last Modified:Nov 17 11:36:57 2000
MD5 Checksum:ca5309d08b465a9cda4752d5e3c39cae

 ///  File Name: malice5.2.pl
Description:
 Malice v.5.2 scans for over 238 cgi vulnerabilities and uses anti-IDS tactics as discussed in RFP's famous whitepaper. Written in perl. Checks for known bugs and interesting directories.
Author:Natas
Homepage:http://rsh.defacements.com
File Size:20861
Last Modified:Oct 30 18:53:58 2000
MD5 Checksum:a4d376fae0f655e944297a37c0873461

 ///  File Name: riven-1.0.1.tar.gz
Description:
 Riven is a CGI scanner which uses RFP anti-IDS tactics, flase browser / referer, and a perl/GTK interface.
Author:Zorgon
File Size:16847
Last Modified:Oct 27 03:15:55 2000
MD5 Checksum:80be40e874f75a011003990b38d9d684

 ///  File Name: whisker-1.4+SSL.tar.gz
Description:
 whisker v1.40 with native SSL support. Adds a -x option which uses the Net::SSLeay perl module and OpenSSL. Whisker is what I've dubbed a 'next generation' CGI scanner. I've implemented anti-IDS checks into the scan. Includes over 200 checks. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host support. Proxy support. Can be used as a CGI.
Author:Rain Forrest Puppy and ssl patch by H.D. Moore
Homepage:http://www.wiretrip.net
Changes:SSL patch by H.D. Moore at http://www.digitaloffense.net:8000.
File Size:173401
Last Modified:Oct 24 02:56:25 2000
MD5 Checksum:f7dc98073ab34f8f2717f8dcda302b80

 ///  File Name: cst.tar.gz
Description:
 The Cum Security Toolkit v1.2 is a cgi/port scanner which checks for over 350 vulnerable CGI scripts and can implement 5 different Anti-IDS tactics. Features support for vhosts, wait times, fake X-forwarded-for: headers, and much more.
Author:Toxic
Homepage:http://blackhat.be
File Size:13007
Last Modified:Oct 21 01:42:40 2000
MD5 Checksum:855b5e362bcab249f0fe7fe823608081
 

 ///  Last 10 Files
  1. :· MDVSA-2008-235.txt
  2. :· cambridge-sql.txt
  3. :· verlihub-exec.txt
  4. :· DDIVRT-2008-15.txt
  5. :· openssh-cbc-adv.txt
  6. :· joomlathyme-sql.txt
  7. :· BitDefenderDOS.zip
  8. :· fwknop-1.9.9.tar.gz
  9. :· kvirc-exec.txt
  10. :· vcalendar-disclose.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· MDVSA-2008-235.txt
  2. :· DDIVRT-2008-15.txt
  3. :· openssh-cbc-adv.txt
  4. :· ZDI-08-076.txt
  5. :· ZDI-08-075.txt
  6. :· MDVSA-2008-233.txt
  7. :· SSRT080059.txt
  8. :· MDVSA-2008-220-1.txt
  9. :· MDVSA-2008-232.txt
  10. :· USN-674-1.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· cambridge-sql.txt
  2. :· verlihub-exec.txt
  3. :· joomlathyme-sql.txt
  4. :· BitDefenderDOS.zip
  5. :· kvirc-exec.txt
  6. :· vcalendar-disclose.txt
  7. :· toursmanager-blindsql.txt
  8. :· phprsgal-sql.txt
  9. :· natterchat-sql.txt
  10. :· php526-bypass.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· fwknop-1.9.9.tar.gz
  2. :· pysumpas-0.2.0.tar.gz
  3. :· framework-3.2.tar.gz
  4. :· tor.uclibc.i686.20081115.iso
  5. :· RFIDIOt-Windows-0.1u.zip
  6. :· RFIDIOt-0.1u.tgz
  7. :· dps-v1.5.tar.gz
  8. :· smbrelay3.zip
  9. :· mptrey.tar.gz
  10. :· dotnetsploitsrc-1.0.zip
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· java2-malware.pdf
  2. :· return-to-libc-linux.txt
  3. :· stack-overflow-linux.txt
  4. :· smallest_setuid_execve_sc.c
  5. :· sudoers-shellcode.txt
  6. :· strongswan-4.2.9.tar.gz
  7. :· hodetector-shellcode.txt
  8. :· rtm-essential5.pdf
  9. :· unixasm-1.3.0.tar.gz
  10. :· bnd-networks.pdf
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice