domingo, 4 de octubre de 2009

Tools: AppCodeScan, wsScanner, scanweb and AppMap

AppCodeScan 1.2
Application Code Scanning and Tracing tool
This tool is designed to help in performing whitebox testing. During whitebox testing one needs to scan complete application code for various different vulnerabilities like XSS, SQL injection, Poor validations etc. It is possible to discover these vulnerable points using this tool and one can follow code walking across the code base to trace this vulnerability.This tool works on following two areas:
- Code Scanning - One needs to feed target code folder, rules pattern in regex (sample is provided for ASP) and list of file extension to scan. The tool will take this information and run against the target folder with depth of three (3) and scan each line for matching pattern. If pattern is found then it will report that line in the tool.
- Code Walker - This little utility would help in walking across the code base and find variable or function. This will help to trace variables and their entire path in the large code base. This utility would help in negating false positives from the identified pattern.
This tool runs on .NET framework and still in initial beta state. We are working on it and more features will be added.
You can read on code scanning method written by Shreeraj Shah at Onlamp.
[Go to article]


Web Services Footprinting, Discovery, Enumeration, Scanning and Fuzzing tool
wsScanner is a toolkit for Web Services scanning and vulnerability detection. This tool is having following utilities:
- Discovery tool - By leveraging search engine this tool helps in discovering Web Services running on any particular domain or with certain name pattern.
- Vulnerability detection - It is possible to enumerate and profile Web Services using this tool and one can follow it up by auto auditing (.NET only). .NET proxy gets dynamically created for audit module. One can do vulnerability scan for data type, SQL injections, LDAP/Command injections, Buffer checks, Bruteforing SOAP etc. It is also possible to leverage regex patterns for SOAP analysis.
- Fuzzing - This tool helps in fuzzing different Web 2.0 streams like SOAP, XML-RPC, REST, JSON etc. This module helps in assessing various different Web Services.
- UDDI scan - It is possible to scan UDDI servers using this tool for footprinting and discovery of Web Services.
This tool is still in beta and we are planning to add some more features and support. Stay tuned for future releases as well.



scanweb 2.0

Web 2.0 Fingerprinting, Scanning and Discovery tools

Scanweb2.0 is a set of ruby scripts which can help in assessing Web 2.0 applications. This is a start point for an assessment. Here is a list of things it can do:
- Ajaxfinger - It helps in ajax framework fingerprinting, it is possible to identify frameworks like atlas, dojo, GWT etc using this script.
- Flashfinger
- One can scan a page for RIA component running with Flash and follow-up assessment is possible. It helps in fingerprinting Laszlo framework as well.Scanajax - It scans for XSS entry points into JavaScripts and Web 2.0 applications. It is possible to trace these points and discover XSS.
- Scanatlas
- This script will scan page for atlas reference and discover hidden Web Services.
- Urlgrep - This script will fetch all JavaScripts and look for hidden URLs residing in Web 2.0 applications.


Application footprinting and mapping tool using MSN APIs
AppMap is very simple tool which runs against MSN using Web APIs over SOAP. It is a desktop based mashup application. One can do following things using it:
- Application host footprinting
- It uses ip switch to identify virtual hosts.
- Application domain footprinting
- It uses combination of site, inurl and linkdomain switches for fetching domain and crossdomain applications belongs to one parent domain.
- Application crawling
- It fetches all links belong to an application from MSN
- Application fetching and searching
- It runs rule based queries against MSN. One can build a set of rules and fetch the vulnerable URLs from MSN for a target application.
This tool is still in beta and we are planning to add some more features and support. Stay tuned for future releases as well.


No hay comentarios: