Security and Technology

Whitewidow 1.5.0 – SQL Vulnerability Scanner

Whitewidow is an open source automated SQL vulnerability scanner that can run through a file list or scrape Google for potentially vulnerable websites. It offers automatic file formatting, random user agents, IP addresses, server information, multiple SQL injection syntax, and a fun environment. This program was created for learning purposes and is intended to teach users what a vulnerability looks like.

Although whitewidow is a completely open source project and is completely free, every once in a while I need a beer. If you like this program, and like this idea, you can help me with my beer fund.

Usage

ruby whitewidow.rb -h

Will print the help page

ruby whitewidow.rb -c

Will display the credits, can also be run in conjunction with -f or -d

ruby whitewidow.rb -l

Will display the legal info, can also be run in conjunction with -f or -d

ruby whitewidow.rb -d

Will run whitewidow in default mode and scrape Google using the search queries in the lib directory

ruby whitewidow.rb -d --banner

Will scrape Google and hide the banner

ruby whitewidow.rb -d --proxy 127.0.0.1:80

Proxy configuration, must use the “:”

ruby whitewidow.rb -d --dry-run

Will do a dry run of the program, meaning it won’t scan for vulnerabilities, will prompt if you want to run a scan or not

ruby whitewidow.rb -d --dry-run --batch

Will do a dry run and not prompt you for anything, won’t run a scan

ruby whitewidow.rb -f

Will run Whitewidow through a file. You do not need to provide whitewidow the full path to the file, just the path within the whitewidow directory itself. You also do not need a beginning slash. Example:

- whitewidow.rb -f tmp/sites.txt #<= CORRECT
- whitewidow.rb -f /home/users/me/whitewidow-1.0.6/tmp/sites.txt #<= INCORRECT

ruby whitewidow.rb --run-x 10

Will run 10 dry runs in batch mode and display no other information (legal, banner, etc..)

ruby whitewidow.rb -s URL

Will spider the URL and extract all the links from there, saving them to a file. Will then run the file through whitewidow's file flag

Dependencies

gem 'mechanize'
gem 'nokogiri'
gem 'rest-client'

To install all gem dependencies, use the following template:

cd whitewidow
bundle install

This should install all gems needed, and will allow you to run the program without trouble.
Download whitewidow http://ift.tt/2e2bsLx http://ift.tt/2aM8QhC
