From: merigoth@gmail.com
Date: Wed Jan 23 2008 - 15:02:03 EST
Also, I'd recommend the book "webbots, spiders, and screen scrappers'
by michael schrenk. It has some good ideas about spidering and
crawlers.
-----Original Message-----
From: listbounce@securityfocus.com
[mailto:listbounce@securityfocus.com] On Behalf Of Tonnerre Lombard
Sent: Sunday, January 20, 2008 9:38 PM
To: me me
Cc: pen-test@securityfocus.com
Subject: Re: Spidering
Salut,
On Thu, 17 Jan 2008 17:58:41 +0000 "me me"
<securityoneoone@googlemail.com> wrote:
> Whilst I don't expect it to get everything (JavaScript etc is going
to
> take manual intervention, so is a number of other possible
> technologies), I have never really found a tool that I consider to
be
> the defacto spidering tool from this perspective. One of the biggest
> problems is a lot of the spiders seem to choke on really big sites,
or
> go into infinite loops etc etc.
Yes, Microsoft Passport is very evil there, as an example. My trick to
solve the Microsoft Passport Problem is to search every link if it
contains an URLencoded version of the current URL and if it does,
ignore it. That appears to avoid deadloops.
I haven't yet seen other deadloops as far as I remember, but then
again I didn't index very much yet.
Tonnerre
-- SyGroup GmbH Tonnerre Lombard Solutions Systematiques Tel:+41 61 333 80 33 Güterstrasse 86 Fax:+41 61 383 14 67 4053 Basel Web:www.sygroup.ch tonnerre.lombard@sygroup.ch ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:21 EDT