uWebScan is a small modular web scanner written in python.
This is not meant as a replacement to Nikto or similar scanners.
List of modules : (S=SAFE N=NOT SAFE)
-[S] apacheversion: Apache HTTPD Version Detection
-[S] bigipcookie : F5 BIGIP Cookie IP Exposure
-[S] httpheaders : HTTP Headers Available
-[S] httpoptions : HTTP OPTIONS Available
-[S] httptracevuln: HTTP TRACE Vulnerability
-[S] intipvuln : Internal IP Vulnerability
-[S] ntlmvuln : NTLM Authentication Vulnerability
-[S] propfindvuln : PROPFIND (WebDAV) Vulnerability
-[S] robotstxtvuln: Robots.txt "Disallow" Disclosure
-[N] webr00t : File & Directory Enumeration
-[S] webtime : Web Server Clock Check
You can download uWebScan from here
uWebScan need python < python3.0
syntax : ./uWebScan.py -h host -m module
m default = all module
-o : output file
-p : port
-s : use ssl
-l : list of modules
-n : disable safe mode (default : enable safe mode)
Example :
./uWebScan.py -h www.site.com -m -s -o /home/HackForLulz/result
Host = site.com
Module = All (except NOT SAFE modules)
ssl = Enabled
Output file = /home/HackForLulz/result
./uWebScan.py -h www.site.com -m apacheversion bigipcookie httpheaders -s
Host = site.com
Module = apacheversione, bigipcookie, httpheaders
ssl = Enabled
./uWebScan.py -h www.site.com -m -n
Host = site.com
Module = All (SAFE AND NOT SAFE)
ssl = Disabled
For more informations type : ./uWebScan -h
If you have any problem or if you need some explanations just write under this post!
No comments:
Post a Comment