29 April 2014 | 1,447 views

BlindElephant – Web Application Fingerprinter

Don't let a Dragon into your website!

The BlindElephant Web Application Fingerprinter attempts to discover the version of a (known) web application by comparing static files at known locations against precomputed hashes for versions of those files in all all available releases. The technique is fast, low-bandwidth, non-invasive, generic, and highly automatable.

BlindElephant

BlindElephant can be used directly as a tool on the command line, or as a library to provide fingerprinting functionality to another program.

Features

  • Fast, low-resource approach (generally <6 seconds and < 400kb)
  • Support for 15 commonly deployed web apps (and hundreds of versions), and very easy to add support for more
  • Support for web app plugins (Drupal and WordPress currently, more with community input)

There are other similar projects such as:

WAFP – Web Application Finger Printing Tool
WhatWeb – Next Gen Web Scanner – Identify CMS (Content Management System)
wig – WebApp Information Gatherer – Identify CMS
Web-Sorrow v1.48 – Version Detection, CMS Identification & Enumeration
Wappalyzer – Web Technology Identifier (Identify CMS, JavaScript etc.)

You can grab BlindElephant from the SVN repo here:

Or read more here.

Advertisements



Recent in Hacking Tools:
- Watcher – Passive Web Application Vulnerability Scanner
- Pentoo – Gentoo Based Penetration Testing Linux LiveCD
- Onapsis Bizploit v1.50 – SAP Penetration Testing Framework

Related Posts:
- Droopescan – Plugin Based CMS Security Scanner
- wig – CMS Identification & Information Gathering Tool
- wig – WebApp Information Gatherer – Identify CMS

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,901,151 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,126,078 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 639,078 views

Low-cost VPS Hosting

Comments are closed.