Re: Know such a web's server tool?

From: Ty Bodell (ovayohead@email.com)
Date: Thu Jul 17 2003 - 12:35:51 EDT


Sounds a little like CANVAS from http://www.immunitysec.com/CANVAS/
But a majority of the tools you find won't do the "breaking
in" part of the scan. They won't execute the exploits they will
just grab banners and more non intrusive stuff.
CANVAS will do the breaking and entering or at least execute the
exploit :-) --then again theres always CORE Impact.
--Ty Bodell

----- Original Message -----
From: "MARTIN M. Bénoni" <benoni_martin@hotmail.com>
Date: Thu, 17 Jul 2003 11:40:17 +0000
To: pen-test@securityfocus.com
Subject: Know such a web's server tool?

> Hi list!
>
> I am currently writing an application which will allow to find out all (well
> the maximum of them! :) ) the servers on a network. Here is how it works:
> 1- I feed it with a list of targets (command-line or file): CIDR subnets,
> hostnames, IP address(es),..
> 2- I specify a type of scan: looking for FTP, HTTP, POP, ... servers /
> intrusive scan or not / ....
> 3- It tries to find them out.
> 4- Gets its OS and vulnerabilities. And if desired, it will try to breack
> down the systems using the found vulnerabilities.
> 5- Creates a simple HTML page with the results.
>
> I have been wandering around Internet, and I could not find any tool like
> that (well doing all these features). So, if you know such a tool, could you
> tell me about it? If you have any idea/clue/help, feel free to mail me!
>
> Cheers!
>
> Bénoni-
>
> _________________________________________________________________
> STOP MORE SPAM with the new MSN 8 and get 2 months FREE*
> http://join.msn.com/?page=features/junkmail
>
>
> ---------------------------------------------------------------------------
> Your network Firewall and IDS products do not prevent Web application
> exploits - the most common form of online attack - resulting in Web
> defacement, data theft, sabotage and fraud.
>
> KaVaDo is the first and only company that provides a complete and an
> integrated suite of Web application security products, allowing you to
> assess your entire environment, automatically set positive security
> policies and maintain it without compromising business performance.
>
> For more information on KaVaDo and to download a FREE white paper on Web
> applications - security policy automation, please visit:
> http://www.kavado.com/ad.htm
> ----------------------------------------------------------------------------
>

-- 
__________________________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup
CareerBuilder.com has over 400,000 jobs. Be smarter about your job search
http://corp.mail.com/careers
---------------------------------------------------------------------------
Your network Firewall and IDS products do not prevent Web application
exploits - the most common form of online attack - resulting in Web
defacement, data theft, sabotage and fraud.
KaVaDo is the first and only company that provides a complete and an
integrated suite of Web application security products, allowing you to
assess your entire environment, automatically set positive security
policies and maintain it without compromising business performance.
For more information on KaVaDo and to download a FREE white paper on Web
applications - security policy automation, please visit:
http://www.kavado.com/ad.htm
----------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:36 EDT