what you don't know can hurt you
Showing 1 - 5 of 5 RSS Feed

Files

whisker-1.4.0.tar.gz
Posted Aug 5, 2000
Authored by rain forest puppy | Site wiretrip.net

whisker is what I've dubbed a 'next generation' CGI scanner. It is Scriptable. It's a programming-ish language that is tailored to do lots of flexible web scanning. Very stealthy. I've implemented anti-IDS checks into the scan. Includes over 200 checks. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host support. Proxy support. Can be used as a CGI.

Changes: Includes 10 anti-IDS tactics, brute force user names, brute force basic authentication guessing, now uses perl modules if available for extra speed, HTTP return values can be redefined, can now be used as a CGI, html output, SSL support, more vulnerabilities in the scan.db, and bug fixes.
tags | web, cgi
systems | unix
MD5 | 82bfffab803d74c8d6e064e3c4533a34

Related Files

whisker-2.1.tar.gz
Posted Dec 6, 2002
Authored by rain forest puppy | Site wiretrip.net

Whisker is a high quality URL scanner which is used to search for known vulnerable CGIs on websites. Whisker does this by both scanning the the CGIs directly as well as crawling the website in order to determine what CGIs are already currently in use. Whisker is scriptable and is easily tailored to do lots of flexible web scanning. Very stealthy. Implemented anti-IDS techniques. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host, Proxy, and SSL support.

Changes: Tons of changes - so many it's not worth individually documenting. Added the newbie.help guided configuration walkthrough. Fixed bugs.
tags | web, cgi
systems | unix
MD5 | cb51d20dad52350c93845fdc6829d577
whisker-1.4+SSL.tar.gz
Posted Oct 24, 2000
Authored by rain forest puppy | Site wiretrip.net

whisker v1.40 with native SSL support. Adds a -x option which uses the Net::SSLeay perl module and OpenSSL. Whisker is what I've dubbed a 'next generation' CGI scanner. I've implemented anti-IDS checks into the scan. Includes over 200 checks. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host support. Proxy support. Can be used as a CGI.

Changes: SSL patch by H.D. Moore at http://www.digitaloffense.net:8000.
tags | cgi, perl
systems | unix
MD5 | f7dc98073ab34f8f2717f8dcda302b80
whiskerids.html
Posted Jan 2, 2000
Authored by rain forest puppy | Site wiretrip.net

A look at whisker's anti-IDS tactics. Anti-Intrusion Detection System (IDS) tactics were one of the original key features of my whisker web scanner. The goal of any anti-IDS tactic is to mutate a request so much that the ID systems will get confused, but the web server will still be able to understand it, hence the subtitle "just how bad can we ruin a good thing?".

tags | paper, web
MD5 | 6e9e8b5619afc566d44fa31da9f45b34
whisker-1.3.0a.tar.gz
Posted Dec 24, 1999
Authored by rain forest puppy

whisker is what I've dubbed a 'next generation' CGI scanner. It is Scriptable. It's a programming-ish language that is tailored to do lots of flexible web scanning. Very stealthy. I've implemented anti-IDS checks into the scan. Includes over 200 checks. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host support. Proxy support.

Changes: 8 new anti-IDS tactics, scan SSL, alternate file formats, distributed scanning, 200 vulnerabilities, 100 servers, multi-threaded front end, and distributed proxy fixes.
tags | web, cgi
systems | unix
MD5 | 4a89a0b6b991891c244c9fa6ffd42b0b
whisker-1.2.0.tar.gz
Posted Nov 2, 1999
Authored by rain forest puppy

whisker is what I've dubbed a 'next generation' CGI scanner. It is Scriptable. It's a programming-ish language that is tailored to do lots of flexible web scanning. Very stealthy. I've implemented anti-IDS checks into the scan. Whatmore, I've tested it...and let's just say I haven't seen an IDS so far catch a scan when all the IDS evasion switches are used. ;) Includes over 130 checks. Lots of options. Reads in nmap output, files full of domains, or single host. Virtual host support. Proxy support.

Changes: added patch by Philip Stoev (philip@einet.bg) to bounce-scan off of AltaVista's AddURL mechanism. A few limitations, but still very cool. added switch to bounce-scan off of Anonymizer. updated and added various scan scripts.
tags | web, cgi
systems | unix
MD5 | 0b13a1b32e1a4cbae211e6c4272de5bd
Page 1 of 1
Back1Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    37 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close