DAVScan – WebDAV Security Scanner

Outsmart Malicious Hackers


DAVScan is a quick and lightweight WebDAV security scanner designed to discover hidden files and folders on DAV enabled web servers. The scanner works by taking advantage of overly privileged/misconfigured WebDAV servers or servers vulnerable to various disclosure or authentication bypass vulnerabilities.

DAVScan - WebDAV Security Scanner

The scanner attempts to fingerprint the target server and then spider the server based on the results of a root PROPFIND request.


Features

  • Server header fingerprinting – If the webserver returns a server header, davscan can search for public exploits based on the response.
  • Basic DAV scanning with PROPFIND – Quick scan to find anything that might be visible from DAV.
  • Unicode Auth Bypass – Works using GET haven’t added PROPFIND yet. Not fully tested so double check the work.
  • Exclusion of DoS exploit results – You can exclude denial of service exploits from the searchsploit results.
  • Exclusion of MSF modules from exploit results – Custom searchsploit is included in the repo for this. Either overwrite existing searchsploit or backup and replace. This feature may or may not end up in the real searchsploit script.

Usage

You can download DAVScan here:

davscan-master.zip

Or read more here.


Posted in: Hacking Tools, Web Hacking

, , , , , , ,

Recent in Hacking Tools:
- p0wnedShell – PowerShell Runspace Post Exploitation Toolkit
- Fluxion – Automated EvilAP Attack Tool
- DAVScan – WebDAV Security Scanner

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 2,006,208 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,532,846 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 695,374 views


No comments yet.

Leave a Reply