Hi, 
Guest
Pic
Sign In

websecurity@lists.webappsec.org

The Web Security Mailing List

View all threads

Re: [WEB SECURITY] [new tool announcement] host-extract

M
MustLive
Wed, Mar 23, 2011 9:53 PM

Hello YGN Ethical Hacker Group!

Host-Extract - it's nice tool, which can be useful for pentesters. It
reminds me my own perl tool (one of the set of tools), which I made in 2007
for pentests and security audits to analyze URLs in html and other files
(including JS and CSS) on target sites.

The main task for this tool for me is to find all mentioned (intentionally
or unintentionally) URLs on the site, to find all resources, including
hidden ones. To not use bruteforcing of the names of resources and to not
generate multiple unnecessary 404 errors in server logs.

One thing which I planned to implement in my software (in this and other my
security tools) in 2007 is to parse swf files for URLs. This feature is
still in todo list :-) - if tool SWF URL replacer (for replacing URLs in
swf-files) I already made three years ago for my needs, then for this
feature I still haven't found time (still doing swf-files parsing manually).
You can think to implement such feature in your software.

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

[WEB SECURITY] [new tool announcement] host-extract
YGN Ethical Hacker Group lists at yehg.net
Sun Mar 13 12:46:18 EDT 2011

Host-Extract | Host/IP Pattern Extractor

Hello YGN Ethical Hacker Group! Host-Extract - it's nice tool, which can be useful for pentesters. It reminds me my own perl tool (one of the set of tools), which I made in 2007 for pentests and security audits to analyze URLs in html and other files (including JS and CSS) on target sites. The main task for this tool for me is to find all mentioned (intentionally or unintentionally) URLs on the site, to find all resources, including hidden ones. To not use bruteforcing of the names of resources and to not generate multiple unnecessary 404 errors in server logs. One thing which I planned to implement in my software (in this and other my security tools) in 2007 is to parse swf files for URLs. This feature is still in todo list :-) - if tool SWF URL replacer (for replacing URLs in swf-files) I already made three years ago for my needs, then for this feature I still haven't found time (still doing swf-files parsing manually). You can think to implement such feature in your software. Best wishes & regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua [WEB SECURITY] [new tool announcement] host-extract YGN Ethical Hacker Group lists at yehg.net Sun Mar 13 12:46:18 EDT 2011 > Host-Extract | Host/IP Pattern Extractor > ===============================
Empathy v1.0   2024 ©Harmonylists.com