Security News

External Links

Home
Resources
Free Tools

Extended Scanner

ExtendedScanner is a Ruby port of the Perl version of ExtendedScanner presented in Ch 9 of Network Security Tools by Justin Clarke et al. Refer to www.oreilly.com/catalog/networkst/ for the sample chapter and Perl source code.

The scanner is capable of parsing a Burp log file (Refer to portswigger.net/proxy/) and discovering the following web application vulnerabilities:

SQL Injection
Cross Site Scripting
Directory Listing

The extended scanner has intelligent capabilities to perform enumeration and exploits on discovered sql injection points. The following information is enumerated:

Validate SQL injection (i.e., reduce false positives)
Enumerate backend database type (currently supports MS SQL, Oracle and MySQL)
Enumerate the number of columns at the injection point
Enumerate the data type of each column identified

The following http components are also handled:

http 0.9, 1.0 and 1.1
GET and POST requests
https/ssl/tls - does not verify if certificate is present by default but it is capable
Cookie handling - sets static cookie in header
HTTP Proxy tunneling

Information

Version: 0.3
Release Date: November 4, 2007
License: GPL v2
MD5 Sum: 106a3ccf1a8e4de3e76eeeca69e000be extendedscanner.tar.gz

Documentation

Library interfaces can be found here

Download