Twenty Year Anniversary
Showing 1 - 5 of 5 RSS Feed

Files

whisker-1.4.0.tar.gz
Posted Aug 5, 2000
Authored by rain forest puppy | Site wiretrip.net

whisker is what I've dubbed a 'next generation' CGI scanner. It is Scriptable. It's a programming-ish language that is tailored to do lots of flexible web scanning. Very stealthy. I've implemented anti-IDS checks into the scan. Includes over 200 checks. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host support. Proxy support. Can be used as a CGI.

Changes: Includes 10 anti-IDS tactics, brute force user names, brute force basic authentication guessing, now uses perl modules if available for extra speed, HTTP return values can be redefined, can now be used as a CGI, html output, SSL support, more vulnerabilities in the scan.db, and bug fixes.
tags | web, cgi
systems | unix
MD5 | 82bfffab803d74c8d6e064e3c4533a34

Related Files

whisker-2.1.tar.gz
Posted Dec 6, 2002
Authored by rain forest puppy | Site wiretrip.net

Whisker is a high quality URL scanner which is used to search for known vulnerable CGIs on websites. Whisker does this by both scanning the the CGIs directly as well as crawling the website in order to determine what CGIs are already currently in use. Whisker is scriptable and is easily tailored to do lots of flexible web scanning. Very stealthy. Implemented anti-IDS techniques. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host, Proxy, and SSL support.

Changes: Tons of changes - so many it's not worth individually documenting. Added the newbie.help guided configuration walkthrough. Fixed bugs.
tags | web, cgi
systems | unix
MD5 | cb51d20dad52350c93845fdc6829d577
whisker-1.4+SSL.tar.gz
Posted Oct 24, 2000
Authored by rain forest puppy | Site wiretrip.net

whisker v1.40 with native SSL support. Adds a -x option which uses the Net::SSLeay perl module and OpenSSL. Whisker is what I've dubbed a 'next generation' CGI scanner. I've implemented anti-IDS checks into the scan. Includes over 200 checks. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host support. Proxy support. Can be used as a CGI.

Changes: SSL patch by H.D. Moore at http://www.digitaloffense.net:8000.
tags | cgi, perl
systems | unix
MD5 | f7dc98073ab34f8f2717f8dcda302b80
whiskerids.html
Posted Jan 2, 2000
Authored by rain forest puppy | Site wiretrip.net

A look at whisker's anti-IDS tactics. Anti-Intrusion Detection System (IDS) tactics were one of the original key features of my whisker web scanner. The goal of any anti-IDS tactic is to mutate a request so much that the ID systems will get confused, but the web server will still be able to understand it, hence the subtitle "just how bad can we ruin a good thing?".

tags | paper, web
MD5 | 6e9e8b5619afc566d44fa31da9f45b34
whisker-1.3.0a.tar.gz
Posted Dec 24, 1999
Authored by rain forest puppy

whisker is what I've dubbed a 'next generation' CGI scanner. It is Scriptable. It's a programming-ish language that is tailored to do lots of flexible web scanning. Very stealthy. I've implemented anti-IDS checks into the scan. Includes over 200 checks. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host support. Proxy support.

Changes: 8 new anti-IDS tactics, scan SSL, alternate file formats, distributed scanning, 200 vulnerabilities, 100 servers, multi-threaded front end, and distributed proxy fixes.
tags | web, cgi
systems | unix
MD5 | 4a89a0b6b991891c244c9fa6ffd42b0b
whisker-1.2.0.tar.gz
Posted Nov 2, 1999
Authored by rain forest puppy

whisker is what I've dubbed a 'next generation' CGI scanner. It is Scriptable. It's a programming-ish language that is tailored to do lots of flexible web scanning. Very stealthy. I've implemented anti-IDS checks into the scan. Whatmore, I've tested it...and let's just say I haven't seen an IDS so far catch a scan when all the IDS evasion switches are used. ;) Includes over 130 checks. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host support. Proxy support.

Changes: added patch by Philip Stoev (philip@einet.bg) to bounce-scan off of AltaVista's AddURL mechanism. A few limitations, but still very cool. added switch to bounce-scan off of Anonymizer. updated and added various scan scripts.
tags | web, cgi
systems | unix
MD5 | 0b13a1b32e1a4cbae211e6c4272de5bd
Page 1 of 1
Back1Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    1 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close