Re: Finding other websites for pen-testing...

From: George Ellenburg (george_at_ellenburg.org)
Date: 10/01/03

  • Next message: David Gillett: "RE: Security Certs" 
    Date: Wed, 1 Oct 2003 05:38:43 -0400
To: David Burt <uncue75@yahoo.com>

    www.netcraft.com

    Check what that website is running. Click on the Network Name from the
    results, and Netcraft will show you (in some cases) what else is on
    that same subnet/ network.

    Only works though if someone from that company has "pinged" Netcraft,
    so a specific host is in their database, though.

    Otherwise, if you've got the contract to do a pentest, why not use scan
    their netblock with nessus/ nmap looking for other web servers? 

    --
George Ellenburg
On Tuesday, September 30, 2003, at 01:30  PM, David Burt wrote:
> Say you know that name of the company you have been
> hired by to perform a pen-test.  You know their main
> website.
>
> You want to find out what other website that they may
> have on different webservers that maybe in house
> rather than being outsourced like their main website
> or maybe they run a website that isn't as high profile
> so they are pretty lax on keeping it updated.
>
> If you go to netsol.com and do a whois on their main
> website you can find out their address and all the
> main contacts.  Is there a way to search this
> information to find all the domains that have the same
> contacts in them or maybe the same address?
>
> __________________________________
> Do you Yahoo!?
> The New Yahoo! Shopping - with improved product search
> http://shopping.yahoo.com
>
> ----------------------------------------------------------------------- 
> ----
> ----------------------------------------------------------------------- 
> -----
>
---------------------------------------------------------------------------
----------------------------------------------------------------------------
  • Next message: David Gillett: "RE: Security Certs"

    Relevant Pages

    • RE: Pre-Scanning for Marketing
      ... The controlling interest of the network has to have a inclination to secure ... vulnerabilities are easily and efficiently identified. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, ...
      (Pen-Test)
    • Re: Cannot Access FTP or Company Website (Externally Hosted) - HELP!!!
      ... That's why I said there is a routing problem inside your network. ... I assume that you used CEICW to configure your SBS. ... Ethernet adapter Server Local Area Connection: ... host unreachable means that your SBS box cannot route to your website. ...
      (microsoft.public.windows.server.sbs)
    • Re: uploading video from XP machine creates unwanted user/pass protect
      ... The following website does not appear to be on a yahoo hosting website: ... view the video. ... to network the two computers. ...
      (microsoft.public.windowsxp.network_web)
    • Re: Scanning Class A network
      ... The scan needed to be carried out externally, and not from within the network to identify hosts and ports exposed to the Internet. ... Hackers are concentrating their efforts on attacking applications on your website. ... Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. ... Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! ...
      (Pen-Test)
    • Re: Fwd: Penetration test of 1 IP address
      ... the client had asked him if they could test the "security" of the boxes ... on his network, and they agreed that they could. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Cross site scripting and other web attacks before hackers do! ...
      (Pen-Test)