Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Perl Script for Wapiti Web application vulnerability scanner / security

from [security] Network Security [Permanent Link]
Subject: Perl Script for Wapiti Web application vulnerability scanner / security auditor
Date: 25 Aug 2006 08:08:27 -0000 
Scanner & start.pl Download -> 
http://www.replica-solutions.de/index.php?ind=downloads&op=entry_view&iden=17

I have coded start.pl to handle the scanner easier...

in future i will code in the perl script all the other commands from the 
Scanner in -> "it's done when it's done".

Here is the First Simple Version for Basic Handling:

------ code begin ------
#!/usr/bin/perl

use Socket;
print "Wapiti Standart use comfortable Perl Script v1.0\n";
print "by Sourcecode (sourcecode(AT)replica-solutions(DOT)de)\n";
print "HTTP: www.replica-solutions.de\n\n";
print "Hostname Syntax : 192.168.1.1 or http://www.yourhost.com \n";
print "enter the IP or the Hostname from the Page you like to test\n\n Enter 
Host or IP:\n";
$scan_host = <STDIN>;
chop($scan_host);
print "enter the Url wich you want to exclude \n from this Scan (press return 
without input if \n you want to scan all!\n\n Enter Path or leave Blank:";
$exclude_path = <STDIN>;
chop($exclude_path);
my $Output = system("python wapiti.py $scan_host -x $host $exclude_path -u");
print "$Output";

------ code end ------

for my personal use, i've added hardcoded Proxy Support:

------ code begin ------
#!/usr/bin/perl
$proxy_ip = 127.0.0.1;
$proxy_port = 8118;

use Socket;
print "Wapiti Standart use comfortable Perl Script v1.0\n";
print "by Sourcecode (sourcecode(AT)replica-solutions(DOT)de)\n";
print "HTTP: www.replica-solutions.de\n\n";
print "Hostname Syntax : 192.168.1.1 or http://www.yourhost.com \n";
print "enter the IP or the Hostname from the Page you like to test\n\n Enter 
Host or IP:\n";
$scan_host = <STDIN>;
chop($scan_host);
print "enter the Url wich you want to exclude \n from this Scan (press return 
without input if \n you want to scan all!\n\n Enter Path or leave Blank:\n";
$exclude_path = <STDIN>;
chop($exclude_path);
my $Output = system("python wapiti.py $scan_host -x $host $exclude_path -u -p 
$proxy_ip:$proxy_port");
print "$Output";

------code end------

enjoy :)
-- 
yet another Exploit Source : http://www.replica-solutions.de
Warum ich kein Linux benutze: http://tinyurl.com/hjv5h
Nmap in combination with other Linux tools: http://tinyurl.com/pknlw

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Perl Script for Wapiti Web application vulnerability scanner / security auditor, security <=
Previous by Date:  Re: pentest physical security, intel96
Next by Date:  Re: [Full-disclosure] Re: Security researcher, Thierry Zoller
Previous by Thread:  Mastercard SDP compliance testing., Lee Lawson
Next by Thread:  Re: [Full-disclosure] Re: Security researcher, Thierry Zoller
Indexes:  [Date] [Thread] [Top] [All Lists]