Hello YGN Ethical Hacker Group!
Host-Extract - it's nice tool, which can be useful for pentesters. It
reminds me my own perl tool (one of the set of tools), which I made in 2007
for pentests and security audits to analyze URLs in html and other files
(including JS and CSS) on target sites.
The main task for this tool for me is to find all mentioned (intentionally
or unintentionally) URLs on the site, to find all resources, including
hidden ones. To not use bruteforcing of the names of resources and to not
generate multiple unnecessary 404 errors in server logs.
One thing which I planned to implement in my software (in this and other my
security tools) in 2007 is to parse swf files for URLs. This feature is
still in todo list :-) - if tool SWF URL replacer (for replacing URLs in
swf-files) I already made three years ago for my needs, then for this
feature I still haven't found time (still doing swf-files parsing manually).
You can think to implement such feature in your software.
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
[WEB SECURITY] [new tool announcement] host-extract
YGN Ethical Hacker Group lists at yehg.net
Sun Mar 13 12:46:18 EDT 2011
Host-Extract | Host/IP Pattern Extractor
Hello YGN Ethical Hacker Group!
Host-Extract - it's nice tool, which can be useful for pentesters. It
reminds me my own perl tool (one of the set of tools), which I made in 2007
for pentests and security audits to analyze URLs in html and other files
(including JS and CSS) on target sites.
The main task for this tool for me is to find all mentioned (intentionally
or unintentionally) URLs on the site, to find all resources, including
hidden ones. To not use bruteforcing of the names of resources and to not
generate multiple unnecessary 404 errors in server logs.
One thing which I planned to implement in my software (in this and other my
security tools) in 2007 is to parse swf files for URLs. This feature is
still in todo list :-) - if tool SWF URL replacer (for replacing URLs in
swf-files) I already made three years ago for my needs, then for this
feature I still haven't found time (still doing swf-files parsing manually).
You can think to implement such feature in your software.
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
[WEB SECURITY] [new tool announcement] host-extract
YGN Ethical Hacker Group lists at yehg.net
Sun Mar 13 12:46:18 EDT 2011
> Host-Extract | Host/IP Pattern Extractor
> ===============================