...... Bienvenido ......

Entra y Comparte




0 / 1000 / 100

Cantidad de envíos : 290
Edad : 36
Perfil : Patience, my friend, is a virtue...

Una cita de Georges Orwell:

Libertad de expresión es el derecho a decir

lo que nadie quere escuchar.

... .... .... .... .... ...
Tú firma Personal :
Barra de Respeto :
0 / 1000 / 100

Reputación : 45
Fecha de inscripción : 14/10/2008

default PunkSPIDER

Mensaje por grupoed2k el 31/1/2017, 1:37 am

Mass Recon has been around for a little while with the advent of our own tool PunkSPIDER, Shodan, MassScan, ZScan etc.

Today we’re announcing the beta release of our new tool Let me tell you how it’s different.
Mass recon at its massiest

Along with a much faster, better web app scanner (Ferret), we are running several hundred nmap NSE scans against our targets. Our target: the entire Internet. So far we have a few million domains, this will quickly be expanded to several billion in the near future. What scans are we running you ask? For web app scans, they are largely the same scans as in PunkSPIDER, that is:
bsqli (blind sql injection)
sqli (sql injection)
osci (OS command injection)
mxi (mail header injection)
traversal (path traversal)
xss (cross-site scripting)

However, this is old news, we were doing this in PunkSPIDER, and even though we’re now doing it a lot faster it’s not that exciting. What is exciting (we think) is the nmap scans we’ve added. It’d be difficult to list all of the nmap options and NSE scripts we’ve enabled and distributed to run across our cluster, but here is a snippet of the command we are using:

script_arg = "--script \"(safe or malware or discovery or external or version or vuln)
and (not -traceroute and not traceroute- and not intrusive and not exploit and not dos)
\"" sudo nmap -Pn -O -sC -T3 -sV ' + script_arg + ' -oX ' + nmap_output + ' --open --top-ports=100 -iL ' + nmap_input_host_list

so yeah, lots of stuff Smile.
With that in mind, let’s talk a little more about how you can use

Exploring ~

We’ve tried to make search much more powerful than other tools out there (including PunkSPIDER). To get started simply go here. You should see a screen like the following




    Fecha y hora actual: 26/2/2017, 11:06 am