Now, -p requires number to represent []
You can now specify -p for any number of [] you like.




$ ruby inspathx.rb -u http://attacker.in/joomla160x/index.php -p

missing argument: -p

Added dotNet framework 1.x full path disclosure


Check on server with error-display on:



$ ruby inspathx.rb -u http://10.3.22.45/
...

Host-Extract | Host/IP Pattern Extractor
category: /pentest/enumeration/www

This little ruby script tries to extract all IP/Host patterns in page response of a given URL and JavaScript/CSS files...

Nice!

Add more encodings from CAL9000/HackVector if you wish.


http://yehg.net/lab/pr0js/pentest/CAL9000/
http://hackvertor.co.uk/public

Tell-Me-Web (Automating WhatWeb from NMap output)

The tell-me-web takes nmap output in Grepable format (-oG) generated together with -sV option. It extracts all hosts with http & https ports open....

Updated inspathx


Inspathx Tutorial: http://www.aldeid.com/index.php/Inspathx

Bundled apps paths and vulnerable paths are included....

WHAT¶

A tool that uses local source tree to make requests to the url and search for path inclusion error messages. It's a common problem in PHP web applications that we've been hating to see. We...

pentesterscripting.com's collection. They are mostly bash scripts written to aid pentesters in some situations.

start [PenTester Scripting]

Categories are as follows.

* Recon
*...

Good resource routinely used in pentest. This should be added.

Video:

Installing BackTrack3Final to HardDrive


http:\\code.google.com/p/infosectraining/downloads/detail?name=Installing_BackTrack3_2HardDrive.zip