Re: Vuln scan tool for web

From: Alvin Oga (alvin.sec_at_Mail.Linux-Consulting.com)
Date: 07/16/03

  • Next message: Richard Stevens: "RE: Check point eng allowing Nmap NULL access" 
    Date: Tue, 15 Jul 2003 17:16:11 -0700 (PDT)
To: Domingos Costa <domingos@microlink.com.br>

    hi ya

    online port scan tools
            http://linux-sec.net/Audit/nmap.test.gwif.html

    and if you wanna make one ... ( its free and a couple hours work )
            -- run apache on www.foo.com/PortScanner
            -- write your cgi that when they click submit, your machine
               will run nmap or nessus or foo scanner
            -- do some disclaimers and limit what the user can scan
                    ( they (supposedly) can only scan their ip#
                    ( just have to treat /30 ip# as /24
                     ( and watch out for target ip# behind a firewall
            -- trick will be to setup "sudo namp (options) target-ip# "

    c ya
    alvin

    On Tue, 15 Jul 2003, Domingos Costa wrote:

    > Hello,
    >
    > I'm looking for a web tool that allow a user connected to my lan scan his own computer for
    > vulnerabilities. It's something similar to ShieldsUP! at grc.com, but i wanna put it inside my lan,
    > at a web server and the user can just click on to start probbing his ports. Do you know some tool??
    > I'm working with linux slackware.
    >

    ---------------------------------------------------------------------------
    Your network Firewall and IDS products do not prevent Web application
    exploits - the most common form of online attack - resulting in Web
    defacement, data theft, sabotage and fraud.

    KaVaDo is the first and only company that provides a complete and an
    integrated suite of Web application security products, allowing you to
    assess your entire environment, automatically set positive security
    policies and maintain it without compromising business performance.

    For more information on KaVaDo and to download a FREE white paper on Web
    applications - security policy automation, please visit:
    http://www.kavado.com/ad.htm
    ----------------------------------------------------------------------------

  • Next message: Richard Stevens: "RE: Check point eng allowing Nmap NULL access"

    Relevant Pages

    • Re: ARIN Handle IP block whois query
      ... Just use the whois web form and type the company name - ... > Your network Firewall and IDS products do not prevent Web application ... > integrated suite of Web application security products, ... > For more information on KaVaDo and to download a FREE white paper on ...
      (Pen-Test)
    • RE: Vuln scan tool for web
      ... I can't get them to work on servers with the latest version of PHP, and don't know why, so if you get them working could you please let me know. ... Your network Firewall and IDS products do not prevent Web application ... integrated suite of Web application security products, ... For more information on KaVaDo and to download a FREE white paper on Web ...
      (Pen-Test)
    • Re: Vuln scan tool for web
      ... I'm looking for a web tool that allow a user connected to my lan scan his own computer for ... Your network Firewall and IDS products do not prevent Web application ... integrated suite of Web application security products, ... For more information on KaVaDo and to download a FREE white paper on Web ...
      (Pen-Test)
    • RE: Check point eng allowing Nmap NULL access
      ... Pretty sure GTA do not use the check point engine. ... Your network Firewall and IDS products do not prevent Web application ... integrated suite of Web application security products, ... For more information on KaVaDo and to download a FREE white paper on Web ...
      (Pen-Test)
    • Re: IRC Sites
      ... > Your network Firewall and IDS products do not prevent Web application ... > integrated suite of Web application security products, ... > assess your entire environment, ... > For more information on KaVaDo and to download a FREE white paper on Web ...
      (Pen-Test)