miércoles, 3 de junio de 2020

Spaghetti: A Website Applications Security Scanner


About Spaghetti
   Author: m4ll0k   Spaghetti is an Open Source web application scanner, it is designed to find various default and insecure files, configurations, and misconfigurations. Spaghetti is built on Python 2.7 and can run on any platform which has a Python environment.

Spaghetti Installation:

Spaghetti's Features:
   Fingerprints:
  • Server:
  • Web Frameworks (CakePHP,CherryPy,...)
  • Web Application Firewall (Waf)
  • Content Management System (CMS)
  • Operating System (Linux,Unix,..)
  • Language (PHP,Ruby,...)
  • Cookie Security
   Discovery:
  • Bruteforce:Admin Interface
    Common Backdoors
    Common Backup Directory
    Common Backup File
    Common Directory
    Common FileLog File
  • Disclosure: Emails, Private IP, Credit Cards
   Attacks:
  • HTML Injection
  • SQL Injection
  • LDAP Injection
  • XPath Injection
  • Cross Site Scripting (XSS)
  • Remote File Inclusion (RFI)
  • PHP Code Injection
   Other:
  • HTTP Allow Methods
  • HTML Object
  • Multiple Index
  • Robots Paths
  • Web Dav
  • Cross Site Tracing (XST)
  • PHPINFO
  • .Listing
   Vulns:
  • ShellShock
  • Anonymous Cipher (CVE-2007-1858)
  • Crime (SPDY) (CVE-2012-4929)
  • Struts-Shock
Spaghetti Example:
python spaghetti --url example.com --scan 0 --random-agent --verbose


Related posts
  1. Hacking Names
  2. How To Pentest A Network
  3. Hacking Vpn
  4. Pentest Standard
  5. Is Hacking Illegal
  6. Hacking Box
  7. Pentest Framework
  8. Hacking Wifi
  9. Pentestmonkey
  10. Pentest Gear
  11. Pentest Lab Setup
  12. Hacking Groups
  13. Hacker Forum
  14. Pentest Tools For Windows
  15. Pentest Practice
  16. Hacking The System
  17. Pentest

Publicado por MonteArroyo, Partido Político Independiente en 7:51

No hay comentarios:

Publicar un comentario

Suscribirse a: Enviar comentarios (Atom)