Downloads Plugins Frequently Asked Questions Installation Notes Free Web Application Security Papers Extra Files scriptArchieve.php area
Sleuth Stuff

Main Site
Best Viewed w/ IE5+

  Sleuth Script Archive

Welcome to the Script Archive...

A beta of Sleuth Script 1.03 is out in the members section. New functionality includes new MDI interface, SSL support for the http client, support for global variables across scripts and more.

  • Back up file Brute forcer -
    Works off of the Sleuth Spider log. Retrieves the Urls from the database, generates a series of guesses for possible backup files names then brute forces away making raw http request for each while logging all hits.

  • Directory Brute Forcer -
    Reads a series of possible directory names from a textfile, combines them with a base url you specify and then makes raw http requests looking for hits. Useful for trying to find hidden directories on the server. Includes a basic "personal directories" wordlist.

  • WebForms & BasicAuth Brute forcer -
    2 sleuth scripts - one is an a form based brute forcer that will use a dictionary style attack on a web form using IE automation.

    The second is a Basic Auth brute forcer using the SS http raw request functionality. Example configuration files and setup instructions included.

  • Spider Log Url Dump - 11/30/03
    Lets you dump all the Urls from a scan to a flat text file.

  • Spider Import Url List - 11/30/03
    Imports text file of URLs into Spider log

  • World Writable Directory Scanner - 11/30/03
    Imports a URL list from either a saved Sleuth Spider Log, or from a textfile. Unique folder paths are then extracted and each directory tested to see if it is world writable.

Copyright 2000-2003 All Rights Reserved