You have two other tools that can scan for web vulnerabilities: - babelweb http://www.hsc.fr/ressources/outils/babelweb/ - whiskern http://sourceforge.net/projects/whisker/
For some accurate vuln. scans, you can try cgiscan.s, phfscan.c, ..., so some more specific tools.
From: "De Doncker, Steve" <[EMAIL PROTECTED]>
To: "Domingos Costa" <[EMAIL PROTECTED]>,<[EMAIL PROTECTED]>
Subject: RE: Vuln scan tool for web
Date: Tue, 15 Jul 2003 19:40:39 +0200
Domingos Costa <mailto:[EMAIL PROTECTED]> scribbled on Tuesday, July
15, 2003 19:00 PM:
> I'm looking for a web tool that allow a user connected to my lan scan > his own computer for vulnerabilities. It's something similar to > ShieldsUP! at grc.com, but i wanna put it inside my lan, at a web > server and the user can just click on to start probbing his ports. Do > you know some tool?? I'm working with linux slackware.
http://sourceforge.net/projects/phpsecurity/ http://www.inprotect.com/
These are basically web frontends for tools like nmap and firewalk, or if you know something about sockets in PHP you could write your own "port scanner" application very much like this one (http://www.hackerzhell.co.uk/portscan.php).
Regards,
Steve http://incunabula.be/~steve
--------------------------------------------------------------------------- Your network Firewall and IDS products do not prevent Web application exploits - the most common form of online attack - resulting in Web defacement, data theft, sabotage and fraud.
KaVaDo is the first and only company that provides a complete and an integrated suite of Web application security products, allowing you to assess your entire environment, automatically set positive security policies and maintain it without compromising business performance.
For more information on KaVaDo and to download a FREE white paper on Web applications - security policy automation, please visit: http://www.kavado.com/ad.htm ----------------------------------------------------------------------------
_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus
--------------------------------------------------------------------------- Your network Firewall and IDS products do not prevent Web application exploits - the most common form of online attack - resulting in Web defacement, data theft, sabotage and fraud.
KaVaDo is the first and only company that provides a complete and an integrated suite of Web application security products, allowing you to assess your entire environment, automatically set positive security policies and maintain it without compromising business performance.
For more information on KaVaDo and to download a FREE white paper on Web applications - security policy automation, please visit: http://www.kavado.com/ad.htm ----------------------------------------------------------------------------
