9528 matches found
finger_google
This plugin finds mail addresses in google. Two configurable parameters exist: resultlimit fastsearch If fastsearch is set to False, this plugin searches google for : "@domain.com", requests all search results and parses them in order to find new mail addresses. If the fastsearch configuration...
zone_h
This plugin searches the zone-h.org defacement database and parses the result. The information stored in that database is useful to know about previous defacements to the target website. In some cases, the defacement site provides information about the exploited vulnerability, which may be still...
halberd
This plugin tries to find if an HTTP Load balancer is present. Plugin type Infrastructure Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source code to understand exactly whats under the hood:...
detect_transparent_proxy
This plugin tries to detect transparent proxies. The procedure for detecting transparent proxies is simple, I try to connect to a series of IP addresses, to the port 80, if all of them return an opened socket, then its the proxy server responding. Plugin type Infrastructure Options This plugin...
frontpage_version
This plugin searches for the FrontPage Server Info file and if it finds it will try to determine the version of the Frontpage Server Extensions. The file is located inside the web server webroot. For example: http://localhost/vtiinf.html Plugin type Infrastructure Options This plugin doesnt have...
domain_dot
This plugin finds misconfigurations in the virtual host settings by sending a specially crafted request with a trailing dot in the domain name. For example, if the input for this plugin is http://host.tld/ , the plugin will perform a request to http://host.tld./ . In some misconfigurations, the...
xssed_dot_com
This plugin searches the xssed.com database and parses the result. The information stored in that database is useful to know about previous XSS vulnerabilities in the target website. Plugin type Infrastructure Options This plugin doesnt have any user configured options. Source For more informatio...
finger_bing
This plugin finds mail addresses in Bing search engine. One configurable parameter exist: resultlimit This plugin searches Bing for : "@domain.com", requests all search results and parses them in order to find new mail addresses. Plugin type Infrastructure Options Name | Type | Default Value |...
fingerprint_waf
Try to fingerprint the Web Application Firewall that is running on the remote end. Please note that the detection of the WAF is performed by the infrastructure.afd plugin afd stands for Active Filter Detection. Plugin type Infrastructure Options This plugin doesnt have any user configured options...
hmap
This plugin fingerprints the remote web server and tries to determine the server type, version and patch level. It uses fingerprinting, not just the Server header returned by remote server. This plugin is a wrapper for Dustin Lees hmap. One configurable parameters exist: genFpF If genFpF is set t...
shared_hosting
This plugin tries to find out if the web application under test is stored in a shared hosting. The procedure is pretty simple, using bing search engine, the plugin searches for "ip:1.2.3.4" where 1.2.3.4 is the IP address of the webserver. One configurable option exists: resultlimit Fetch the fir...
dav
This plugin finds WebDAV configuration errors. These errors are generally server configuration errors rather than a web application errors. To check for vulnerabilities of this kind, the plugin will try to PUT a file on a directory that has WebDAV enabled, if the file is uploaded successfully, th...
find_vhosts
This plugin uses the HTTP Host header to find new virtual hosts. For example, if the intranet page is hosted in the same server that the public page, and the web server is misconfigured, this plugin will discover that virtual host. Please note that this plugin doesnt use any DNS technique to find...
favicon_identification
This plugin identifies software version using favicon.ico file. It checks MD5 of favicon against the MD5 database of favicons. See also: http://www.owasp.org/index.php/Category:OWASPFaviconDatabaseProject http://kost.com.hr/favicon.php Plugin type Infrastructure Options This plugin doesnt have an...
server_status
This plugin fetches the server-status file used by Apache, and parses it. After parsing, new URLs are found, and in some cases, the plugin can deduce the existance of other domains hosted on the same server. Plugin type Infrastructure Options This plugin doesnt have any user configured options...
find_jboss
This plugin identifies JBoss installation directories and possible security vulnerabilities. Plugin type Infrastructure Options This plugin doesnt have any user configured options. Source For more information about this plugin and the associated tests, theres always the source code to understand...
Data Sharing, Cooperation Key to Critical Infrastructure Security
WASHINGTON–The topic of critical infrastructure security may be the prettiest girl at the dance right now for both politicians and technology companies, but the problem of attackers going after these targets is one that security people have been dealing with for some time. But that doesn’t mean...
Politics, Uncertainty Slowing Down U.S. Response to Cyber Threats
WASHINGTON–The shift in the last few years to cyberespionage and online attacks against the nation’s critical infrastructure have left the United States government lagging behind, and “a day late and a dollar short”, the former director of the National Security Agency said. The ongoing campaigns...
CVE-2013-1247
Cross-site scripting XSS vulnerability in the wireless configuration module in Cisco Prime Infrastructure allows remote attackers to inject arbitrary web script or HTML via an SSID that is not properly handled during display of the XML windowing table, aka Bug ID CSCuf04356...
Cross site scripting
Cross-site scripting XSS vulnerability in the wireless configuration module in Cisco Prime Infrastructure allows remote attackers to inject arbitrary web script or HTML via an SSID that is not properly handled during display of the XML windowing table, aka Bug ID CSCuf04356...