This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP URL Checker"

From OWASP
Jump to: navigation, search
(Project Leader)
m (Updated by tool author with links, further info etc)
Line 8: Line 8:
 
==OWASP URL Checker==
 
==OWASP URL Checker==
  
OWASP URL Checker is...
+
Screen shot:
 +
 
 +
[[File:urlscanscreen.jpeg|link=]]
 +
 
  
 
==Introduction==
 
==Introduction==
  
An open source scrip-table tool to scan websites for URL's which may lead to information divulging, exploits and common attack patterns.
+
An open source editable tool to scan websites for URL's which may lead to information divulging, exploits and common attack patterns.
  
 
==Description==
 
==Description==
  
This tool will check a user defined website for potentially exploitable/ vulnerable URL's by comparing them against the URL extensions in the database, for instance if your target is http://google.com and in the database you have /wp-login.php it would then check if: http://google.com/wp-login.php is available on that site by checking the response. It's a form of of scanning to help you exploit and find weaknesses within the web server. The first time you run the tool it will create a database "restuls.txt" for you, and add a few URL parameters to get you started. But you can add to or change the database as much as you wish and therefore, it's as powerful as you'd like it to be. It gives you realtime feedback and the option to save all the successful results. You'll also be happy to know it's open source, and I've also included a win32 compiled version (requires .NET 3.5+). Video tutorial here http://youtu.be/yvc4q7YWpdo
+
This tool will check a user defined website for potentially exploitable/ vulnerable URL's by comparing them against the URL extensions in the database, for instance if your target is http://google.com and in the database you have /wp-login.php it would then check if: http://google.com/wp-login.php is available on that site by checking the response. It's a form of of scanning to help you exploit and find weaknesses within the web server. The first time you run the tool it will create a database "restuls.txt" for you, and add a few URL parameters to get you started. But you can add to or change the database as much as you wish and therefore, it's as powerful as you'd like it to be. It gives you real time feedback and the option to save all the successful results. You'll also be happy to know it's open source, and I've also included a win32 compiled version (requires .NET 3.5+). Video tutorial here http://youtu.be/yvc4q7YWpdo
  
  
Line 32: Line 35:
  
  
== Presentation ==
 
  
Link to presentation
 
  
 +
== Project Leader ==
  
== Project Leader ==
+
[mailto:craig.fox@owasp.org Craig Fox (OWASP email)]
  
[mailto:craig.fox@owasp.org Craig Fox]
+
[http://www.dreamwalker-software.com/ Dreamwalker Software]
  
== Related Projects ==
+
[http://www.dream-walker.weebly.com/ DWS sub-domain]
  
 +
[http://pentest.co.uk/index.html Pentest Ltd]
  
== Ohloh ==
+
[https://www.facebook.com/Dreamwalker1986 fb profile]
  
 +
== Related Projects ==
  
| valign="top"  style="padding-left:25px;width:200px;" |
+
Visit Dreamwalker software page [http://www.dreamwalker-software.com/software.html here]
  
 
== Quick Download ==
 
== Quick Download ==
 +
[http://www.dreamwalker-software.com/uploads/2/5/3/9/25390328/url_checker_v3_pentest_edition.zip Direct download server #1]
 +
 +
[http://www.softpedia.com/dyn-postdownload.php/fe910f128856e49ea01d2e3fcb37a1bc/53a9f7bf/3c191/4/1 Softpedia Secure Download (US)]
 +
 +
[http://www.softpedia.com/dyn-postdownload.php/01b1561b5c70dbe4d9b4baf606d47604/53a9f7bf/3c191/5/1 Softpedia Secure Download (UK)]
  
* Link to page/download
 
  
 
== Email List ==
 
== Email List ==
 
[https://lists.owasp.org/mailman/listinfo/owasp_url_checker Sign up!]
 
[https://lists.owasp.org/mailman/listinfo/owasp_url_checker Sign up!]
 
== News and Events ==
 
 
 
 
== In Print ==
 
  
  
Line 81: Line 83:
 
=FAQs=
 
=FAQs=
  
; Q1
+
Coming soon
: A1
 
  
; Q2
+
= Acknowledgements =
: A2
 
  
= Acknowledgements =
 
 
==Volunteers==
 
==Volunteers==
 
URL Checker is developed by a worldwide team of volunteers. The primary contributors to date have been:
 
URL Checker is developed by a worldwide team of volunteers. The primary contributors to date have been:
  
* xxx
+
Lead developer [https://www.owasp.org/index.php/User:Mr_Craig_Fox Craig Fox]
* xxx
 
  
 
==Others==
 
==Others==
* xxx
+
 
* xxx
+
TBC
  
 
= Road Map and Getting Involved =
 
= Road Map and Getting Involved =
Line 105: Line 103:
 
You do not have to be a security expert in order to contribute.
 
You do not have to be a security expert in order to contribute.
 
Some of the ways you can help:
 
Some of the ways you can help:
* xxx
+
 
* xxx
+
Build upon the source, ensuring it's approved, tested and original credits are maintained.
 +
Use in testing, give feedback and distribute as much as possible
 +
Contribute ideas and suggestions
  
  

Revision as of 22:31, 24 June 2014

OWASP Project Header.jpg

OWASP URL Checker

Screen shot:

Urlscanscreen.jpeg


Introduction

An open source editable tool to scan websites for URL's which may lead to information divulging, exploits and common attack patterns.

Description

This tool will check a user defined website for potentially exploitable/ vulnerable URL's by comparing them against the URL extensions in the database, for instance if your target is http://google.com and in the database you have /wp-login.php it would then check if: http://google.com/wp-login.php is available on that site by checking the response. It's a form of of scanning to help you exploit and find weaknesses within the web server. The first time you run the tool it will create a database "restuls.txt" for you, and add a few URL parameters to get you started. But you can add to or change the database as much as you wish and therefore, it's as powerful as you'd like it to be. It gives you real time feedback and the option to save all the successful results. You'll also be happy to know it's open source, and I've also included a win32 compiled version (requires .NET 3.5+). Video tutorial here http://youtu.be/yvc4q7YWpdo


Licensing

OWASP URL Checker is free to use. It is licensed under the GNU GPL v3 license, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.


What is URL Checker?

OWASP URL Checker provides:

  • .exe (executable) and *.cpp (source)



Project Leader

Craig Fox (OWASP email)

Dreamwalker Software

DWS sub-domain

Pentest Ltd

fb profile

Related Projects

Visit Dreamwalker software page here

Quick Download

Direct download server #1

Softpedia Secure Download (US)

Softpedia Secure Download (UK)


Email List

Sign up!


Classifications

New projects.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files CODE.jpg

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_URL_Checker&oldid=177506"