[WEB SECURITY] Tools or software for hacking windows/iis.

Thu Dec 21 22:05:05 EST 2006

You might want to try metaexploit framework for this.
Securityfocus.com does provide exploit details for some

Tushar Vartak

-----Original Message-----
From: Schmidt, Albert E [mailto:AES at ola.state.md.us] 
Sent: Thursday, December 21, 2006 11:00 PM
To: Web Security
Subject: [WEB SECURITY] Tools or software for hacking

Hello group, I am auditing a Windows 2000 web server that
has not been patched for 2 years.  I am looking for tools
that could be used to exploit know vulnerabilities - I do
not want to damage the server, but would like to demonstrate
the security weakness for my work papers.  I have heard that
there are tools such as iishack.exe that may be able to
help.  I would like an easy tool, as I am not that
technical.  I have a basic understanding of web application
Thank you,
Albert E. Schmidt, CPA
Senior Information System Auditor
Office of Legislative Audits
Department of General Services
Maryland General Assembly

The Web Security Mailing List:

The Web Security Mailing List Archives:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]


"This e-mail message may contain confidential, proprietary or legally privileged information. It 
should not be used by anyone who is not the original intended recipient. If you have erroneously 
received this message, please delete it immediately and notify the sender. The recipient 
acknowledges that ICICI Bank or its subsidiaries and associated companies,  (collectively "ICICI 
Group"), are unable to exercise control or ensure or guarantee the integrity of/over the contents of the information contained in e-mail transmissions and further acknowledges that any views 
expressed in this message are those of the individual sender and no binding nature of the message shall be implied or assumed unless the sender does so expressly with due authority of ICICI Group.Before opening any attachments please check them for viruses and defects." 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20061222/edd9c969/attachment.html>

More information about the websecurity mailing list