OAPScan – Oracle Application Server Scanner
We got an e-mail a while back about this new and apparently simple Oracle Application Server scanner.
It detects web pages, DADs (Database Access Descriptors) and test applications installed by default.
It may be useful for system hardening and pen-test.
You can download OAPScan here:
Tweet
Posted in: 
Recent in Database Hacking:
- The Mole – Automatic SQL Injection SQLi Exploitation Tool
- sqlsus 0.7.1 Released – MySQL Injection & Takeover Tool
- w3af v1.1 Released For Download – Web Application Attack & Audit Framework
Related Posts:
- Oracle Releases a Default Password Scanner
- Oracle MEGA Patch Fixes 101 Security Bugs
- bsqlbf v2.3 Released – Blind SQL Injection Brute Forcing Tool
Most Read in Database Hacking:
- Pangolin – Automatic SQL Injection Tool - 54,010 views
- bsqlbf 1.1 – Blind SQL Injection Tool - 51,074 views
- Absinthe Blind SQL Injection Tool/Software - 35,269 views
have you actually tested it? what platform? how does it work?
more details please
It’s PERL so it should work fine on both Windows and Linux, I don’t have any Oracle server or Applications here so I’m unable to test it.
Hey … this is nice. I am looking to make life really hard for my dba’s. It is better that I do it, before a real hacker does.
-SN
Any stats on how accurate the results are?? or teh stats on vulnerabilities found vs actual vulnerabilities
SN sounds like a good plan :)
Sandeep, you can try it out yourself, as we’ve said we don’t have any Oracle architecture to test with right now.
Link seems broken
Really? But the story is only two years old!
Blimey Darknet, why don’t you check all of your links, every day????