29 June 2007 | 10,042 views

OAPScan – Oracle Application Server Scanner

Cybertroopers storming your ship?

We got an e-mail a while back about this new and apparently simple Oracle Application Server scanner.

It detects web pages, DADs (Database Access Descriptors) and test applications installed by default.

It may be useful for system hardening and pen-test.

You can download OAPScan here:



Recent in Database Hacking:
- Onapsis Bizploit v1.50 – SAP Penetration Testing Framework
- OAT – Oracle Auditing Tools For Database Security
- ODAT (Oracle Database Attacking Tool) – Test Oracle Database Security

Related Posts:
- OAT – Oracle Auditing Tools For Database Security
- Oracle Releases a Default Password Scanner
- Oracle MEGA Patch Fixes 101 Security Bugs

Most Read in Database Hacking:
- Pangolin – Automatic SQL Injection Tool - 75,456 views
- bsqlbf 1.1 – Blind SQL Injection Tool - 54,162 views
- SQLBrute – SQL Injection Brute Force Tool - 40,024 views

Advertise on Darknet

8 Responses to “OAPScan – Oracle Application Server Scanner”

  1. Daniel 29 June 2007 at 7:14 am Permalink

    have you actually tested it? what platform? how does it work?

    more details please

  2. Darknet 29 June 2007 at 8:19 am Permalink

    It’s PERL so it should work fine on both Windows and Linux, I don’t have any Oracle server or Applications here so I’m unable to test it.

  3. SN 2 July 2007 at 2:54 pm Permalink

    Hey … this is nice. I am looking to make life really hard for my dba’s. It is better that I do it, before a real hacker does.


  4. Sandeep Nain 3 July 2007 at 1:19 am Permalink

    Any stats on how accurate the results are?? or teh stats on vulnerabilities found vs actual vulnerabilities

  5. Darknet 3 July 2007 at 8:47 am Permalink

    SN sounds like a good plan :)

    Sandeep, you can try it out yourself, as we’ve said we don’t have any Oracle architecture to test with right now.

  6. john 28 May 2009 at 4:10 pm Permalink

    Link seems broken

  7. Anonymous 28 May 2009 at 4:41 pm Permalink

    Really? But the story is only two years old!

    Blimey Darknet, why don’t you check all of your links, every day????