来自C.R.S.T的WScan v3.0,cooldiyer作品,一个很不错的web扫描器,夜火极力推荐哦~
wscan V3.0 - Network Security Scanner (By cooldiyer Jul 22 2008) usage: wscan <-v> <-h Host> <-r RulesFile> <-p Port> <-m MaxThread> <-t Timeout> <-l LogFile> Example: > wscan -h www.baidu.com -r cgi.txt -p 80 -m 10 -t 3
速度,稳定一流
规则文件实例如下,类似twwwscan的规则语法,规则需以”;“结束
如下只关注200状态码
200-> HEAD :/database/lyboard.mdb^桃源网络论坛数据库; 200-> HEAD :/database/PE_Region.mdb^动网论坛数据库; 200-> HEAD :/data/dvbbs7.mdb^动网论坛数据库; 200-> HEAD :/databackup/dvbbs7.mdb^动网论坛备份数据库;
关注200,403,301任意一个
200|403|301-> HEAD
/^Eedit/; 200|403|301-> HEAD /^eWebEditorNet/; 200|403|301-> HEAD /eWebEditorNet/^edit/eWebEditorNet/; 200|403|301-> HEAD /eWebEditorNet/^Admin/eWebEditorNet/; 200|403|301-> HEAD /eWebEditorNet/UploadFile/^Admin/eWebEditorNet/UploadFile/;上传压缩包内容如下:
BUGS.txt cgi.txt db.txt dic.txt dirfile.txt edit.txt nt.txt php.txt scan.bat script.txt unix.txt unix_cgi.txt wscan.exe admin.txt upfile.txt
[WScan v3.0下载地址](/blog/download.asp?id=111