Tools & Utils


DavTest 1.0:

DAVTest tests WebDAV enabled servers by uploading test executable files, and then (optionally) uploading files which allow for command execution or other actions directly on the target. It is meant for penetration testers to quickly and easily determine if enabled DAV services are exploitable.

DAVTest supports:
  • Automatically sending of exploit files

GIT Extractor

I promised last time that I would do a git extractor and, yes, I came across a site in the real world that used git to manage its releases. A quick script later and I had its web.config file and all of the internal goodies.

There's a much more detailed write up and the tool at the corporate blog of the company I work for.

Mercurial Extractor

This is an expansion of part of a talk I did for OWASP East Midlands.

If you actually read the articles posted up here you may have read about the svnpristine extractor that was written in October 2012 and not released until February 2013 (hey, it takes me a while).

SVN Pristine Extractor

So, you're sat on a customer site, and nothing is going right: patching is up to date, passwords are all set to complex values, user input is validated, you have to wear a suit and even the coffee doesn't taste very nice.

Oh, but wait! That scan against the internal web server reveals that:

Click Jacking Test Script

Some of you may have been observant and noticed that Nikto has alerted about the lack of the X-Frame-Options header from web servers. This headers gives hints to the user agent on how it should be handled from within a frame, effectively preventing click-jacking, or the overlaying of information over a frame to fool a user into clicking on something they don't want to.