Sla.ckers.org
Web application scanner
Posted by: nEUrOO
Date: December 01, 2006 04:40PM

I've been working on a web apps scanner for a couple of weeks now because I really wanted to know how it works (I'm working on web apps scanner evaluation at NIST). So I decided to create one.

Basically, the tool loads some XML with attack patterns (such as http://ha.ckers.org/xssAttacks.xml) and *tries* to deal with the results. Because it's a small tool, it's very long etc. but it can work. With this kind of architecture, there are (Blind) SQL Injection, PHP Include tests and other basic ones. This tool aims to handle a small number of vulnerabilities, but you can write your own module to perform other tests.
I also added today a Hybrid analysis (for PHP only) module with PHP-SAT as source code analyzer.

There is currently, of course, no real documentation and I really need to fix bugs, the parsing process and the spider etc. etc.
The tool is not designed to be used for big web applications...

If you are interested, you can check the tool here: http://rgaucher.info/beta/grabber

I think I (in the SAMATE Project) will use this for some research on the effectiveness of Web Apps Scanners / Hybrid Analysis and more.

nEUrOO -- http://rgaucher.info -- http://twitter.com/rgaucher



Edited 1 time(s). Last edit at 12/01/2006 04:41PM by nEUrOO.

Re: Web application scanner
Posted by: jungsonn
Date: December 01, 2006 08:12PM

Nice! I'm going to test this, this weekend.

Re: Web application scanner
Posted by: nEUrOO
Date: December 11, 2006 10:23AM

Hum, there was some crap with the Grabber distribution packages... It should be fixed now (I wish):
* I also fixed the Crystal Ball module which needs some evolution from PHP-SAT (in progress...)
* I fixed the JavaScript/HTML parser: it tries to parse the JavaScript for handling AJAX applications...
* I added a SessionID/Server Time retrieval module (if somebody wants to make some statistics on the randomness...)

Lots of work needs to be done; I think of:
* Attacks encoding variation
* Definitely plug a JavaScript engine...

nEUrOO -- http://rgaucher.info -- http://twitter.com/rgaucher
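
An added example, not part of the thread and not Grabber's code: one way to run basic statistics on collected SessionID/server-time pairs, as the retrieval module mentioned in the post above invites. The sample IDs, the `analyze` function and its output keys are constructed for illustration.

```python
import hashlib
import math
from collections import Counter

def position_entropy(ids):
    """Shannon entropy in bits of the characters observed at each position."""
    n = len(ids)
    width = min(len(s) for s in ids)
    result = []
    for i in range(width):
        counts = Counter(s[i] for s in ids)
        result.append(-sum(c / n * math.log2(c / n) for c in counts.values()))
    return result

def analyze(samples):
    """samples: (server_time, hex_session_id) pairs collected from one server."""
    ids = [sid for _, sid in sorted(samples)]
    entropy = position_entropy(ids)
    values = [int(sid, 16) for sid in ids]
    return {
        # positions that never change carry no randomness at all
        "static": [i for i, e in enumerate(entropy) if e == 0],
        # upper bound only: ignores correlation between positions
        "entropy_bits": sum(entropy),
        # IDs that grow with server time are predictable from the clock
        "monotonic": all(a < b for a, b in zip(values, values[1:])),
        "duplicates": len(ids) - len(set(ids)),
    }

# Constructed samples, one per second (not real captures).
T0 = 1165850000
WEAK = [(T0 + i, f"{T0 + i:08x}{i:04x}") for i in range(64)]        # clock + counter
STRONG = [(T0 + i, hashlib.sha256(bytes([i])).hexdigest()[:12])     # stand-in for CSPRNG output
          for i in range(64)]

if __name__ == "__main__":
    for name, data in (("weak", WEAK), ("strong", STRONG)):
        print(name, analyze(data))
```

The per-position figure overstates the weak generator (it reports 12 bits where clock and counter move together), which is why the monotonic check is reported alongside it.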
