27 Jan '17, 9pm

#Ruby script that scans for #vulnerable & exploitable 3rd-party #WebApps on a #network #redteam

When Yasuo runs, it performs several steps before starting to enumerate vulnerable applications. If you provide an IP address or range, it will perform a port scan against the provided targets. If you provide Yasuo with nmap xml output file, it will parse that file and enumerate hosts with open web ports. It then sends a request for a fake (non-existent) file and directory to each enumerated host:ip. To reduce false-positives, it discards all ip:port that respond back with HTTP 200 Ok for the fake file & directory requests. At the end of this whole process, we get a list of, let's say, "good urls". These good urls are then used to enumerate vulnerable applications.

Full article: https://github.com/michalkoczwara/yasuo

Tweets

Ruby on Rails Web Developer

hasjob.co 28 Jan '17, 8am

Solid experience in developing RoR web applications. Responsible for managing the serverĀ­side RESTful API for our website ...