Tools

DirBuster has moved to OWASP, the new home can be found here

DirBuster is now an OWASP project. And has moved to http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project

The move to OWASP brings a fantastic opportunity to help DirBuster progress and grow, while giving something back to an open source project that has contributed so much to the application security realm.

sidBuster - Available for download

Pure brute forcing of oracle sids

sidBuster is designed to brute force Oracle sids when they can not be obtained via the tns listener, as is the case for Oracle 10 and when a tns password has been set. Without knowing the database sid, attempts to identify default accounts and weak password will fail, other tools such as oscanner will attempt to guess the sid, based on a list of known sids, but if that fails you are unable to continue. sidBuster will conduct a pure brute force on the sid allowing (given time) all possible sids to otained.

yxorp - Under development

Port scan through HTTP reverse proxies.

Yxorp is a java based program able to port scan through http reverse proxy's, thus porentialy enabling the discovery of services either bound to the local interface or to a private internal address range.

sourceMap - Available for download

Perform port scan from a range of source ports at the same time.

SourceMap is designed to scan to a port from multiple different source ports, to aid in finding weaknesses in firewall rule sets. It is possible to scan ports on a host from all 65535 source ports, somthing that nmap could not do. SourceMap is a mutil threaded perl wrapper arround nmap.