scrubbr

scRUBYt : A Powerful Web Scraping Toolkit!

February 23, 2010 22:18 pm · 0 comments

by Black

in Open Source,Security Reconnaissance,Security tools

scRUBYt purpose is to free you from the drudgery of web page crawling, looking up HTML tags, attributes, XPaths, form names and other typical low-level web scraping stuff by figuring these out from your examples copy’n'pasted from the Web page or straight from Firebug.

2e7f9ac3a33824a16597d4f20ff1775f scRUBYt : A Powerful Web Scraping Toolkit!

scRUBYt is written in Ruby rails. There are many examples included such as:
- ebay.rb
- favicon.rb
- google.rb
- google_analytics.rb
- linkedin.rb
- ruby_quiz_189.rb
- twitter.rb
- yahoo.rb

These examples are very useful for web scraping, which can be used by security vulnerability security testers.

Source is also available! So, we can modify the source as per our environment requirement.

Installing scRUBYt on unix system:
Prerequisites:

gem install hpricot
gem install mechanize
gem install scrubyt

Download ScRUBYt version 0.4.3 here

Tagged as: ,

Be the first to comment!

owaspscrubbr – Search your databases for stored cross-site scripting (XSS) attacks.

March 14, 2009 14:00 pm · 0 comments

by Black

in Open Source,Penetration Testing,Web Application Penetration Testing

owaspscrubbr is a application penetration testing tool which i would like to use, or you can use to find vulnerable XSS and evade the database! Anyway, tools can be used according to human intentions. You use it according to your wishes.

Scrubbr is licensed under BSD. scrubbr is basically a database scanning tool that checks numerous database technologies for the presence of possible stored cross-site scripting attacks.

secdeadend owaspscrubbr Search your databases for stored cross site scripting (XSS) attacks.

owaspscrubbr was partially inspired by “Scrawlr”, a trimmed-down version of HP’s WebInspect which was released for free after the so-called “asprox” mass-SQL injection bot exploited hundreds of thousands of insecure ASP sites.

owaspscrubbr Security generously help people get some visibility into their databases and check for malicious data.

It is in its initial stages so it has many bugs and may not stand up to your expecttion, If we contribute to its development we can also make it a good opensource tool for information security.

owasp scrubbr will be very slow on large enterprise databases, but its very useful to have assurance that there is no malicious data anywhere in the system. depends onn how much data are you crawling on to.

Download owasp scrubbr Here

Have Fun !!!

Related Blogs

  • Related Blogs on appsec
  • Related Blogs on owasp
  • Working Session on SAMM at OWASP EU Summit | OpenSAMM
  • OWASP Software Assurance Day Infosec Conference Event
  • SAMM Presentation at OWASP NYC 2008 | OpenSAMM
  • Related Blogs on webappsec
  • 2009 – The Year of WebAppSec Solutions at cat slave diary

Tagged as: , , , , , , , ,

Be the first to comment!