New application scanning tool from THC

From: Ralph (ralph@tink.org)
Date: 03/16/02


From: "Ralph" <ralph@tink.org>
To: <pen-test@securityfocus.com>
Date: Sat, 16 Mar 2002 18:00:42 +0100

Hi folks,

THC (www.thehackerschoice.com) is proud to present a new tool for pentesters
and folks alike. Amap is a tool that will identify applications running on
network ports, by sending a (bogus) handshake. The response from the daemon
or app is then looked up in a list to identify the protocol (such as SSL,
DNS etc). So even if you have SSL running on port 2534 or LDAP on port
62225, amap will identify the application. We encourage you to add your own
application definitions (can be done in an easy to read text file) and send
your additions to us (amap-defs@tink.org).

By DJ.Revmoon (revmoon@tink.org) and Van Hauser (vh@reptile.rug.ac.be). Amap
can be downloaded from www.thehackerschoice.com/releases.php.

Kind Regards,

RevMoon & Van Hauser

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/



Relevant Pages

  • Re: Identify OS?
    ... The first thing that struck me was port 6112/dtspc. ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • Re: Raptor Firewall 6.5 Config
    ... Raptor as a firewall also has another side feature that can confuse ... This is the whole keep a port open PNAT idea. ... Once raptor has a standard proxy or GSP enabled, it 'opens' that ... >>This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • [TOOL] Amap, Application Mapping Tool (Scanning)
    ... are running on a specific port. ... Amap then looks up the response ... The information in this bulletin is provided "AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
    (Securiteam)
  • RE: Digital UNIX 5.60 recourses
    ... Find out what is running on what port (use of netcat, nmap, ... >> Subject: Digital UNIX 5.60 recourses ... >This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • RE: Serial Connection Password Cracker.
    ... This is a tcp socket server that redirects all I/O to a serial port. ... > Subject: Re: Serial Connection Password Cracker. ... >> This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)