About Spaghetti
Author: m4ll0k Spaghetti is an Open Source spider web application scanner, it is designed to discovery diverse default in addition to insecure files, configurations, in addition to misconfigurations. Spaghetti is built on Python 2.7 in addition to tin run on whatever platform which has a Python environment.
Spaghetti Installation:
Spaghetti's Features:
Fingerprints:
- Server:
- Web Frameworks (CakePHP,CherryPy,...)
- Web Application Firewall (Waf)
- Content Management System (CMS)
- Operating System (Linux,Unix,..)
- Language (PHP,Ruby,...)
- Cookie Security
- Bruteforce:Admin Interface
Common Backdoors
Common Backup Directory
Common Backup File
Common Directory
Common FileLog File - Disclosure: Emails, Private IP, Credit Cards
- HTML Injection
- SQL Injection
- LDAP Injection
- XPath Injection
- Cross Site Scripting (XSS)
- Remote File Inclusion (RFI)
- PHP Code Injection
- HTTP Allow Methods
- HTML Object
- Multiple Index
- Robots Paths
- Web Dav
- Cross Site Tracing (XST)
- PHPINFO
- .Listing
- ShellShock
- Anonymous Cipher (CVE-2007-1858)
- Crime (SPDY) (CVE-2012-4929)
- Struts-Shock
python spaghetti --url example.com --scan 0 --random-agent --verbose
0 comments:
Post a Comment