Lucene search
5315 matches found

w3af
added 2013/06/10 11:2 p.m., 16 views

find_captchas

This plugin finds any CAPTCHA images that appear in an HTML document. The crawl is performed by requesting the document twice and comparing the image hashes; if they differ, the images may be a CAPTCHA. Plugin type: Crawl. Options: This plugin doesn't have any user-configured options. Source: For...

6.9 AI score
Exploits: 0

w3af
added 2013/06/10 11:2 p.m., 46 views

xpath

This plugin finds XPATH injections. To find these vulnerabilities, the plugin sends the string "dz0" to every injection point and searches the response for XPATH errors. Plugin type: Audit. Options: This plugin doesn't have any user-configured options. Source: For more information about this plugin and...

7.6 AI score
Exploits: 0

w3af
added 2013/06/10 11:2 p.m., 14 views

error_500

This plugin greps every page for error 500 pages that haven't been caught by other plugins. By enabling this, you are enabling a "safety net" that will catch all interesting HTTP responses which might lead to a bug or vulnerability. Plugin type: Grep. Options: This plugin doesn't have any user...

7.1 AI score
Exploits: 0

w3af
added 2013/06/10 11:2 p.m., 10 views

find_jboss

This plugin identifies JBoss installation directories and possible security vulnerabilities. Plugin type: Infrastructure. Options: This plugin doesn't have any user-configured options. Source: For more information about this plugin and the associated tests, there's always the source code to understand...

7.3 AI score
Exploits: 0

w3af
added 2013/06/10 11:2 p.m., 31 views

svn_users

This plugin greps every page for users of the versioning system. Sometimes the HTML pages are versioned using CVS or SVN; if the header of the versioning system is saved as a comment in the page, the user that edited the page will be saved in that header and will be added to the knowledge base...

7 AI score
Exploits: 0

w3af
added 2013/06/10 11:2 p.m., 35 views

un_ssl

This plugin verifies that URLs that are available using HTTPS aren't available over the insecure HTTP protocol. To detect this, the plugin simply requests "https://abc/a.asp" and "http://abc.asp" and if both are equal, a vulnerability is found. Plugin type: Audit. Options: This plugin doesn't have any...

7.1 AI score
Exploits: 0

w3af
added 2013/06/10 11:2 p.m., 14 views

shared_hosting

This plugin tries to find out if the web application under test is stored on shared hosting. The procedure is pretty simple: using the Bing search engine, the plugin searches for "ip:1.2.3.4" where 1.2.3.4 is the IP address of the webserver. One configurable option exists: resultlimit Fetch the fir...

6.9 AI score
Exploits: 0

w3af
added 2013/06/10 11:2 p.m., 13 views

rnd_path

This evasion plugin adds a random path to the URI. Example: Input: /bar/foo.asp Output: /aflsasfasfkn/../bar/foo.asp Plugin type: Evasion. Options: This plugin doesn't have any user-configured options. Source: For more information about this plugin and the associated tests, there's always the source...

Exploits: 0

w3af
added 2013/06/10 11:2 p.m., 10 views

html_comments

This plugin greps every page for HTML comments; special comments, like the ones containing the words "password" or "user", are specially reported. Plugin type: Grep. Options: This plugin doesn't have any user-configured options. Source: For more information about this plugin and the associated tests,...

Exploits: 0

w3af
added 2013/06/10 11:2 p.m., 16 views

http_in_body

This plugin searches for HTTP responses that contain other HTTP request/responses in their response body. This situation is mostly seen when programmers enable some kind of debugging for the web application, and print the original request in the response HTML as a comment. Plugin type: Grep. Option...

7 AI score
Exploits: 0

w3af
added 2013/06/10 11:2 p.m., 23 views

wsdl_finder

This plugin finds new web service descriptions and other web service related files by appending "?WSDL" to all URLs and checking the response. Plugin type: Crawl. Options: This plugin doesn't have any user-configured options. Source: For more information about this plugin and the associated tests,...

7.2 AI score
Exploits: 0

w3af
added 2013/06/10 11:2 p.m., 32 views

bing_spider

This plugin finds new URLs in the Bing search engine. One configurable parameter exists: resultlimit. This plugin searches Bing for "site:domain.com", requests all search results and parses them in order to find new URLs. Plugin type: Crawl. Options: Name | Type | Default Value | Description | Help...

7.1 AI score
Exploits: 0

w3af
added 2013/06/10 11:2 p.m., 13 views

response_splitting

This plugin will find response splitting vulnerabilities. The detection is done by sending "w3af\r\nVulnerable: Yes" to every injection point, and reading the response headers searching for a header with name "Vulnerable" and value "Yes". Plugin type: Audit. Options: This plugin doesn't have any user...

0.1 AI score
Exploits: 0

w3af
added 2013/06/10 11:2 p.m., 15 views

http_vs_https_dist

This plugin analyzes the network distance between the HTTP and HTTPS ports, giving a detailed report of the traversed hosts in transit to target:port. You should have root/admin privileges in order to run this plugin successfully. Explicitly declared ports on the entered target override those...

7.1 AI score
Exploits: 0

w3af
added 2013/06/10 11:2 p.m., 14 views

fingerprint_os

This plugin fingerprints the remote web server and tries to determine the operating system family (Windows, Unix, etc.). The fingerprinting is at this moment really trivial, because it only uses one technique: the Windows path separator in the URL. For example, if the input URL is...

Exploits: 0

w3af
added 2013/06/10 11:2 p.m., 7 views

file_upload

This plugin greps every page for forms with file upload capabilities. Plugin type: Grep. Options: This plugin doesn't have any user-configured options. Source: For more information about this plugin and the associated tests, there's always the source code to understand exactly what's under the hood:...

0.1 AI score
Exploits: 0

w3af
added 2013/06/10 11:2 p.m., 14 views

private_ip

This plugin greps every page body and headers for private IP addresses. Plugin type: Grep. Options: This plugin doesn't have any user-configured options. Source: For more information about this plugin and the associated tests, there's always the source code to understand exactly what's under the hood:...

0.3 AI score
Exploits: 0

0day.today
added 2013/06/10 12:0 a.m., 45 views

Resin Application Server 4.0.36 XSS / Source Code Disclosure

Resin Application Server version 4.0.36 suffers from cross-site scripting / source code disclosure vulnerabilities. Resin Application Server 4.0.36 Cross-Site Scripting Vulnerabilities Vendor: Caucho Technology, Inc. Product web page: http://www.caucho.com Affected version: Resin Professional...

6.8 AI score
Exploits: 0

exploitpack
added 2013/06/10 12:0 a.m., 25 views

Resin Application Server 4.0.36 - Source Code Disclosure

Resin Application Server 4.0.36 - Source Code Disclosure Resin Application Server 4.0.36 Source Code Disclosure Vulnerability Vendor: Caucho Technology, Inc. Product web page: http://www.caucho.com Affected version: Resin Professional Web And Application Server 4.0.36 Summary: Resin is the Java...

7.6 AI score
Exploits: 0

Exploit DB
added 2013/06/10 12:0 a.m., 44 views

Resin Application Server 4.0.36 - Source Code Disclosure

Resin Application Server 4.0.36 Source Code Disclosure Vulnerability Vendor: Caucho Technology, Inc. Product web page: http://www.caucho.com Affected version: Resin Professional Web And Application Server 4.0.36 Summary: Resin is the Java Application Server for high traffic sites that require spe...

7.4 AI score
Exploits: 0