Saturday, October 29

WPScan - WordPress Security Scanner


WPScan is a vulnerability scanner that checks the security of WordPress installations using a black-box approach.

WPScan is written in Ruby.

Its features include:

  Username enumeration
  Weak password cracking
  Plugin vulnerability enumeration
  Version enumeration
  Vulnerability enumeration
  etc.

It can be downloaded for free from http://code.google.com/p/wpscan/

OR

It is available in Backtrack 5 under /pentest/web/wpscan/

Syntax:
         ruby ./wpscan.rb --url www.example.com --wordlist darkc0de.lst --threads 50
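
To see what a scan like this looks like from the site owner's side, here is an added example (not part of the original post or of WPScan) that flags username enumeration and password guessing in a web access log. It assumes enumeration shows up as requests for several distinct ?author=N values and guessing as bursts of POSTs to /wp-login.php; the log lines, IP addresses and thresholds are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

def _line(ip, sec, req):  # builds one constructed combined-log line
    return f'{ip} - - [29/Oct/2011:10:00:{sec:02d} +0000] "{req} HTTP/1.1" 200 512 "-" "-"'

# Constructed sample traffic (documentation IP ranges), not real logs.
SAMPLE_LOG = "\n".join(
    [_line("203.0.113.7", s, f"GET /?author={s + 1}") for s in range(4)]
    + [_line("203.0.113.7", 5 + s // 10, "POST /wp-login.php") for s in range(50)]
    + [_line("198.51.100.20", 30, "POST /wp-login.php"),
       _line("198.51.100.20", 31, "GET /?author=2")]
)

LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" \d{3}')
AUTHOR = re.compile(r"[?&]author=(\d+)")

def parse(log):
    """Yield (ip, timestamp, method, path) for each well-formed line."""
    for raw in log.splitlines():
        m = LINE.match(raw)
        if m:
            ip, ts, method, path = m.groups()
            yield ip, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), method, path

def detect(log, min_authors=3, burst=5, window=timedelta(seconds=10)):
    """Return {ip: [findings]}; thresholds are illustrative defaults."""
    authors, logins = defaultdict(set), defaultdict(list)
    for ip, ts, method, path in parse(log):
        m = AUTHOR.search(path)
        if m:
            authors[ip].add(int(m.group(1)))
        elif method == "POST" and path.split("?")[0] == "/wp-login.php":
            logins[ip].append(ts)
    findings = defaultdict(list)
    for ip, ids in authors.items():
        if len(ids) >= min_authors:  # several distinct author IDs probed
            findings[ip].append("user-enumeration")
    for ip, times in logins.items():
        times.sort()
        # flag when any `burst` consecutive login POSTs fit inside `window`
        if any(times[i + burst - 1] - times[i] <= window
               for i in range(len(times) - burst + 1)):
            findings[ip].append("login-bruteforce")
    return dict(findings)

if __name__ == "__main__":
    print(detect(SAMPLE_LOG))
```

The second client in the sample makes one login attempt and views one author page, so it stays below both thresholds and is not reported.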



Plecost - WordPress fingerprint tool

An open-source WordPress fingerprinting tool, available in Backtrack 5.

Plecost retrieves the information contained on the Web site to be analyzed, and also allows a search on the results indexed by Google.

It bases its analysis on information contained in the development files included with WordPress and its plugins. The plugin list is generated from the "Most populars" list on wordpress.org and linked with related entries in CVE.mitre.org.

Plecost is available at http://code.google.com/p/plecost

Plecost fingerprints the plugins and also gives the corresponding CVE entries.

Syntax:

     ./plecost-0.2.2-9-beta.py -i wp_plugin_list.txt http://www.example.com -G

      




Friday, October 28

WafW00f - A Web Application Audit Tool


WAFW00F - Web Application Firewall Detection Tool

WafW00f is written in Python and is freely available on the net.

The tool was developed by Sandro Gauci and Wendel G. Henrique.

They mention that Web Application Firewalls (WAFs):
  • can be detected, because they leave several signs
  • can be bypassed by changing the attack in order to avoid rules
To help detect and bypass WAFs, they released wafw00f.

WAFW00F allows one to identify and fingerprint WAF products protecting a website.

Download Link

http://waffit.googlecode.com/svn/trunk/ waffit-read-only

It is also included in Backtrack 5 R1, under /pentest/web/waffit/


Example 1: /pentest/web/waffit# ./wafw00f.py http://www.example.com

Output:

Checking http://www.example.com
Generic Detection results:
No WAF detected by the generic detection

Example 2: /pentest/web/waffit# ./wafw00f.py http://www.example2.com

Output:

Checking http://www.example2.com
The site http://www.example2.com is behind a Citrix NetScaler




Wednesday, October 19

Google offers encrypted Web search by default

Google announced today that it will encrypt by default Web searches and results for users who are signed in.

People who don't have a Google account or are signed out can go directly to https://www.google.com, the company said in a blog post.

Encrypting the communications between an end user and the Google search engine servers will protect against snooping by anyone who might be sniffing on an unsecured Wi-Fi network, for instance. Secure Sockets Layer (SSL) is available now for Web search, image search and all the search modes except for Maps, Google said in this separate post.

For example, when you search over SSL for "dogs," Google encrypts the search and results that are returned, but clicking on a result ends the encrypted connection unless the destination is on "https://."

"Although SSL offers clear privacy and security benefits, it does not protect against all attacks. The benefits of SSL depend on your browser's list of trusted root certificates, the security of the organizations that issue those certificates, and the way in which you and your browser handle certificate warnings," Google says. "In addition, while the connection between your computer and Google will be encrypted, if your computer is infected with malware or a keylogger, a third party might also be able to see the queries that you typed directly."

Google began SSL default in Gmail in January 2010 and began offering an encrypted search option four months later.

Originally posted at InSecurity Complex
