Version 1.4.3 of SPIKE Proxy is now available for download at
http://www.immunitysec.com/spikeproxy_downloads.html .

VulnXML is a powerful new feature that allows you to create new plug-ins
and tests quickly and easily.

1.4.3
Oct 23, 2002
   o Win32 now supported (really really long URLS may break due to
     Win32 directory length restrictions)
   o fr0stman <fr0stmansun-tzu-security.net> added many changes to
logging and additional bugfixes that made various subsystems actually
work including manual rewriting, password, and injection scanning.
   Note: To do password scanning, it is best to go into the
configuration menu, and then remove everything from Success List, unless
you know explicitly what the server will say on success. Then add
something from the failure page into the failure list, add a list of
words to the passwordlist, and then start your scan.
   o VulnXML added
     o Now has Nikto/Whisker functionality
     o script to convert from Nikto database to VulnXML added
     o Directory, File, and Site scanning are supported and tested.
     o IIS ASP Chunked overflow is properly detected
     o Variable scanning is theoretically there, but not tested
     o Any successful vulnerability check is saved off for review

-- 
Dave Aitel <daveimmunitysec.com>
Immunity, Inc

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org

iD8DBQA9uDDSB8JNm+PA+iURAo2fAKDgnDEY7FVtDTuQDjdoV0fEdkUmLgCgkV29 G+P+1bVRwN0lSXSF26c2d2A= =HNkr -----END PGP SIGNATURE-----

_______________________________________________ Spike mailing list Spikeimmunitysec.com http://www.immunitysec.com/mailman/listinfo/spike

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]