RE: Vuln scan tool for web

From: lockdown@thegeekzone.com
Date: Tue Jul 15 2003 - 14:56:28 EDT

• Next message: R. DuFresne: "RE: Vuln scan tool for web"
• Previous message: Balwant Rathore: "PenTest Study Group Madrid meeting"
• Maybe in reply to: Domingos Costa: "Vuln scan tool for web"
• Next in thread: R. DuFresne: "RE: Vuln scan tool for web"
• Reply: R. DuFresne: "RE: Vuln scan tool for web"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I think you're looking for a combination of these two PHP pages. They use Nmap to scan.

http://www.davidquintana.com/projects/nmapwebfe/nmapwebfe.html

The second site is now down so e-mail me directly for the code. The code is for scanning yourself but with only the basic flags. It's also complete.

I can't get them to work on servers with the latest version of PHP, and don't know why, so if you get them working could you please let me know. The problem is with the exec() statement.

Ben

-----Original Message-----
From: Domingos Costa [mailto:domingos@microlink.com.br]
Sent: Tuesday, July 15, 2003 12:00 PM
To: pen-test@securityfocus.com
Subject: Vuln scan tool for web

Hello,

I'm looking for a web tool that allow a user connected to my lan scan his own computer for
vulnerabilities. It's something similar to ShieldsUP! at grc.com, but i wanna put it inside my lan,
at a web server and the user can just click on to start probbing his ports. Do you know some tool??
I'm working with linux slackware.

Thanks.

---------------------------------------------------------------------------
Your network Firewall and IDS products do not prevent Web application
exploits - the most common form of online attack - resulting in Web
defacement, data theft, sabotage and fraud.

KaVaDo is the first and only company that provides a complete and an
integrated suite of Web application security products, allowing you to
assess your entire environment, automatically set positive security
policies and maintain it without compromising business performance.

For more information on KaVaDo and to download a FREE white paper on Web
applications - security policy automation, please visit:
http://www.kavado.com/ad.htm
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Your network Firewall and IDS products do not prevent Web application
exploits - the most common form of online attack - resulting in Web
defacement, data theft, sabotage and fraud.

KaVaDo is the first and only company that provides a complete and an
integrated suite of Web application security products, allowing you to
assess your entire environment, automatically set positive security
policies and maintain it without compromising business performance.

For more information on KaVaDo and to download a FREE white paper on Web
applications - security policy automation, please visit:
http://www.kavado.com/ad.htm
----------------------------------------------------------------------------

• Next message: R. DuFresne: "RE: Vuln scan tool for web"
• Previous message: Balwant Rathore: "PenTest Study Group Madrid meeting"
• Maybe in reply to: Domingos Costa: "Vuln scan tool for web"
• Next in thread: R. DuFresne: "RE: Vuln scan tool for web"
• Reply: R. DuFresne: "RE: Vuln scan tool for web"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:36 EDT