Tools

From time to time, we think some of our internal tools would be helpful to others in the security community, so we polish them up a bit, write some documentation, and let them be free...


DAVTest
DAVTest tests WebDAV-enabled servers by uploading test executable files, and then (optionally) uploading files that allow for command execution or other actions directly on the target. It is meant for penetration testers to quickly and easily determine whether enabled DAV services are exploitable.

DAVTest is licensed under the GPL and can be found here:
http://code.google.com/p/davtest/


Nessus Downer
Nessus Downer is a script that connects to a Nessus scanner, prompts you for a report name string (common wildcard characters such as * and ? are accepted), lists the matching reports, and then downloads them. You can choose the file type to download (.nessus or .nbe) or request both formats. You can also download all of the reports from the scanner by leaving the query string blank.

Nessus Downer is licensed under the GPL and can be found here:
https://code.google.com/p/sunera-ap-team/downloads/list


CMS Explorer
CMS Explorer is designed to reveal the specific modules, plugins, components and themes that various CMS-driven web sites are running.

Additionally, CMS Explorer can be used to aid in security testing. While it performs no direct security checks, the "explore" option can be used to reveal hidden/library files which are not typically accessed by web clients but are nonetheless accessible. This is done by retrieving the module's current source tree and then requesting those file names from the target system. These requests can be sent through a distinct proxy to help "bootstrap" security testing tools like Burp, Paros, Webinspect, etc.

CMS Explorer is licensed under the GPL and can be found here:
http://code.google.com/p/cms-explorer/