Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Dave Aitel (dave_at_immunitysec.com)
Date: Thu Oct 24 2002 - 12:41:40 CDT
Version 1.4.3 of SPIKE Proxy is now available for download at
VulnXML is a powerful new feature that allows you to create new plug-ins
and tests quickly and easily.
Oct 23, 2002
o Win32 now supported (really really long URLS may break due to
Win32 directory length restrictions)
o fr0stman <fr0stmansun-tzu-security.net> added many changes to
logging and additional bugfixes that made various subsystems actually
work including manual rewriting, password, and injection scanning.
Note: To do password scanning, it is best to go into the
configuration menu, and then remove everything from Success List, unless
you know explicitly what the server will say on success. Then add
something from the failure page into the failure list, add a list of
words to the passwordlist, and then start your scan.
o VulnXML added
o Now has Nikto/Whisker functionality
o script to convert from Nikto database to VulnXML added
o Directory, File, and Site scanning are supported and tested.
o IIS ASP Chunked overflow is properly detected
o Variable scanning is theoretically there, but not tested
o Any successful vulnerability check is saved off for review
-- Dave Aitel <daveimmunitysec.com> Immunity, Inc
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQA9uDDSB8JNm+PA+iURAo2fAKDgnDEY7FVtDTuQDjdoV0fEdkUmLgCgkV29 G+P+1bVRwN0lSXSF26c2d2A= =HNkr -----END PGP SIGNATURE-----
_______________________________________________ Spike mailing list Spikeimmunitysec.com http://www.immunitysec.com/mailman/listinfo/spike