Sign in to follow this  
Followers 0
Aghaster

Site Scanner

10 posts in this topic

I'm wondering if there are any good website scanners for Linux, that would try finding files which are hosted on a website but are not linked to. For instance, someone puts a "secret" /secret_images/ folder in his website, and his web site doesn't link to it. I vaguely remember a tool like that for Windows, but I can't remember the name, but now I'd like something for Linux. Any recommendations?

0

Share this post


Link to post
Share on other sites

I believe OWASP's WebScarab will do what you are looking for. It uses either a word-list or bruteforce to find directories and files that are not linked to.. For windows there is a tool called Intellitamper that does the same... hope that is what your looking for...

0

Share this post


Link to post
Share on other sites

I agree with with WhatChout, Nikto is really good for that sort of thing, hell I was using it just this morning and it gives you such good output.

0

Share this post


Link to post
Share on other sites
I agree with with WhatChout, Nikto is really good for that sort of thing, hell I was using it just this morning and it gives you such good output.

Yeah, I gave it a shot a it really looks like a nice tool. Thanks WhatChout :P

0

Share this post


Link to post
Share on other sites
I believe OWASP's WebScarab will do what you are looking for. It uses either a word-list or bruteforce to find directories and files that are not linked to.. For windows there is a tool called Intellitamper that does the same... hope that is what your looking for...

Any one happen to have a good word list to use or any suggestions?

0

Share this post


Link to post
Share on other sites

Nikto is great. There are tons more apps like that on the Backtrack distro.

0

Share this post


Link to post
Share on other sites

but nikto does not work on all the webservers...

it works only on some servers...

but i must must admit that the kinda scannig depth is very gud !

^_^

i havent tried but u can also try saint's products, i gues they come with backtract 4 and 3 versions. that is a framework that can suit the needs. i wonder tht if they work remotely... :huh:

0

Share this post


Link to post
Share on other sites
I believe OWASP's WebScarab will do what you are looking for. It uses either a word-list or bruteforce to find directories and files that are not linked to.. For windows there is a tool called Intellitamper that does the same... hope that is what your looking for...

Any one happen to have a good word list to use or any suggestions?

DirBuster has some decent lists..

I Forgot: DirBuster is a good tool as well.... Works on most every O/S since it is written in Java..

Edited by tekio
0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0