Re: Website detection

From: pand0ra (pand0ra.usa@gmail.com)
Date: Thu Feb 22 2007 - 00:24:02 EST

• Next message: ankur jindal: "Re: Websites Finding"
• Previous message: Bojan Zdrnja: "Re: Websites Finding"
• In reply to: Robin Wood: "Re: Website detection"
• Next in thread: Paul Melson: "RE: Website detection"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

You can try BiDiBlah.

On 2/20/07, Robin Wood <dninja@gmail.com> wrote:
> It would be fairly simple to write a script which took a dictionary
> and used curl or wget to hit the site with each dictionary word
> appended on the url.
>
> Try to add extra words to the dictionary from the company website and
> company related documentation to allow you to cover company specific
> words.
>
> That is how I'd start.
>
> Robin
>
> On 2/19/07, 3 shool <3shool@gmail.com> wrote:
> > Hello Everyone,
> >
> > We are doing a PT for one of our customers with 5 webservers. None of
> > these webservers have the website on the main url like
> > http://xxx.xxx.xxx.xxx but they have confirmed that they have critical
> > applications running on all the 5 web servers and for security
> > purposes they have moved the websites to something like
> > http://xxx.xxx.xxx.xxx/yyy.
> >
> > Now manually I guess it will take years to identify the correct URL
> > having the critical website by using guessing techniques. I was
> > wondering if there is a tool that could try various popular and brute
> > force combinations to automatically guess the possible URLs.
> >
> > I'm sure many of you would have wonderful ideas to address this
> > problem. Pls. enlighten.
> >
> > THNX
> >
> > ------------------------------------------------------------------------
> > This List Sponsored by: Cenzic
> >
> > Need to secure your web apps?
> > Cenzic Hailstorm finds vulnerabilities fast.
> > Click the link to buy it, try it or download Hailstorm for FREE.
> >
> > http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> > ------------------------------------------------------------------------
> >
> >
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
>
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> ------------------------------------------------------------------------
>
>

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

• Next message: ankur jindal: "Re: Websites Finding"
• Previous message: Bojan Zdrnja: "Re: Websites Finding"
• In reply to: Robin Wood: "Re: Website detection"
• Next in thread: Paul Melson: "RE: Website detection"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:36 EDT