Script

web-sorrow - A Remote Web Scanner for Misconfiguration, Version Detection, and Server Enumeration Written in Perl - Wsorrow.pl

Submitted by ingram on Sun, 03/11/2012 - 2:50pm

Wsorrow.pl is a remote web scanner. It can scan for web server misconfiguration, version detection, enumeration, and server information. Written in perl, this script will run out-of-box on most Linux systems, including Ubuntu and openSUSE. While there are many other scripts and programs that perform similar scans, web-sorrow is versatile and useful enough to be included in your toolbox.

NOTE: Web-Sorrow has now been updated to 1.4.9, so be sure to try out the latest version!

Some of the more notable features of web-sorrow are:

  • CMS (Content Management System) detection
  • Port scanning
  • Login page scanning
  • Proxy support
  • Error bagging
  • Standard tests (see below for full list)

To download the latest version (1.2.7) and unzip it, go here, or run these commands (If your distro doesn't come with unzip, you may need to install that package):

wget http://web-sorrow.googlecode.com/files/Wsorrow_v1.2.7.zip

unzip Wsorrow_v1.2.7.zip

To run the script with no switches, run this command:

perl ./Wsorrow.pl

+ web sorrow 1.2.7 Version detection, misconfig, and enumeration tool

goofile 1.5 - Search for Filetypes from Command Line from a Specified Domain Name Using Google

Submitted by ingram on Fri, 03/09/2012 - 12:08am

goofile is a command line python script that searches for specified filetypes from specified domains through the terminal/command line. You can download it here, or by running this command:

wget http://goofile.googlecode.com/files/goofilev1.5.zip

If you would like to search for files with the extension "txt" on this website, run this command:

./goofile.py -d itswapshop.com -f txtgoofile

As you can see in the background of the image, goofile.py does the exact same thing as a google query like this: "filetype:txt site:itswapshop.com"

Obviously, this makes this script seem very basic and useless, however, it can be quite useful in certain situations where you need to script stuff like this. One drawback to this script is it doesn't actually support searching. If I were to use google, I could do a search like this: "filetype:txt site:itswapshop.com linux", and I would have a list of txt files with the word linux in them returned. Unfortunately, this isn't possible with goofile at this time.

Subscribe to Script

User login

Privacy Policy

support @ itswapshop . com