27 October 2009 | 4,443 views

Yokoso! – Web Infrastructure Fingerprinting & Delivery Tool

Acunetix Web Application Security

Yokoso! is a project focused on creating fingerprinting code that is deliverable through some form of client attack. This can be used during penetration tests that combine network and web applications. One of the most common questions we hear is “so what can you do with XSS?” and we hope that Yokoso! answers that question.

We will creating JavaScript and Flash objects that are able to be delivered via XSS attacks. These code payloads will contain the fingerprinting information used to map out a network and the devices and software it contains.

In basic terms Yokoso! is a collection of infrastructure fingerprints. These fingerprints are useful during penetration tests to determine both what infrastructure is in use and to determine who are the admins of that infrastructure. It is built using the URIs of the web administration interfaces.

You can download Yokoso! v0.1 here:

yokoso.0.1.tar.gz

Or read more here.





                

Recent in Hacking Tools:
- EyeWitness – A Rapid Web Application Triage Tool
- wig – WebApp Information Gatherer – Identify CMS
- Capstone – Multi-platform, Multi-architecture Disassembly Framework

Related Posts:
- Xprobe2 – Active OS Fingerprinting Tool
- SinFP – Next Generation OS Detection Tool
- Exploit Next Generation SQL Fingerprint (ESF) – MS-SQL Server Fingerprinting Tool

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,844,883 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,030,316 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 613,296 views

Advertise on Darknet

Comments are closed.