24
edits
Security/Projects/Minion: Difference between revisions
Jump to navigation
Jump to search
→Basic Tool Requirements
No edit summary |
|||
| Line 47: | Line 47: | ||
====Zed Attack Proxy==== | ====Zed Attack Proxy==== | ||
Base options: URL | Base options: URL | ||
Optional: spider depth-level, CSRF tokens, authentication information, parameters to fuzz | Optional: spider depth-level, CSRF tokens, authentication information, parameters to fuzz | ||
====Garmr==== | ====Garmr==== | ||
Base options: URL | Base options: URL | ||
Optional: parameters to test | Optional: parameters to test | ||
Note: most options with Garmr involve output, which should be handled without interaction from the user. | Note: most options with Garmr involve output, which should be handled without interaction from the user. | ||
====Skipfish==== | ====Skipfish==== | ||
Base options: URL | Base options: URL | ||
Optional: authentication credentials, cookie values, non-standard header information, scan time limit (see http://code.google.com/p/skipfish/wiki/SkipfishDoc for a full list) | Optional: authentication credentials, cookie values, non-standard header information, scan time limit (see http://code.google.com/p/skipfish/wiki/SkipfishDoc for a full list) | ||
Note: Skipfish has a lot of additional options that include domains to exclude in crawling, domains to ignore in testing, wordlist generation, folder output, etc. To make it as easy to use as possible, the Skipfish plugin should include defaults for all of these options so that the user will never need to worry about the options. | Note: Skipfish has a lot of additional options that include domains to exclude in crawling, domains to ignore in testing, wordlist generation, folder output, etc. To make it as easy to use as possible, the Skipfish plugin should include defaults for all of these options so that the user will never need to worry about the options. | ||