{"id":3378,"date":"2012-10-15T10:01:47","date_gmt":"2012-10-15T09:01:47","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=3378"},"modified":"2012-10-15T10:01:47","modified_gmt":"2012-10-15T09:01:47","slug":"web-sorrow-v1-48-version-detection-cms-identification-enumeration-server-scanning-tool","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2012\/10\/web-sorrow-v1-48-version-detection-cms-identification-enumeration-server-scanning-tool\/","title":{"rendered":"Web-Sorrow v1.48 – Version Detection, CMS Identification, Enumeration & Server Scanning Tool"},"content":{"rendered":"
Web-Sorrow is a PERL based tool for misconfiguration, version detection, enumeration, and server information scanning. It’s entirely focused on enumeration and collecting information about a target server. Web-Sorrow is a “safe to run” program, meaning it is not designed to be an exploit or perform any harmful attacks. <\/p>\n
There’s a couple of other tools that focus more on the identification part:<\/p>\n
– WhatWeb \u2013 Next Gen Web Scanner \u2013 Identify CMS (Content Management System)<\/a> There’s also a pretty cool web app I use often which is – http:\/\/builtwith.com\/<\/a><\/p>\n Features<\/strong><\/p>\n In some ways it overlaps with other tools too like:<\/p>\n – GoLISMERO \u2013 Web Application Mapping Tool<\/a> But as always, you should try them all and see which ones suits the way you work best.<\/p>\n You can download Web-Sorrow here:<\/p>\n
\n– Wappalyzer \u2013 Web Technology Identifier (Identify CMS, JavaScript etc.)<\/a><\/p>\n\n
\n– Skipfish 1.94b Released \u2013 Active Web Application Security Reconnaissance Tool<\/a>
\n– Nikto 2.1.0 Released \u2013 Web Server Security Scanning Tool<\/a>
\n– Lilith \u2013 Web Application Security Audit Tool<\/a><\/p>\n