Golismero
Golismero es una herramienta de seguridad desarrollada por OWASP orientada a realizar auditorías de páginas web para buscar posibles agujeros de seguridad existentes en estas, aunque también podría ser utilizado para buscar fallos en cualquier otro tipo de servicios (redes, servidores, etc.)
La herramienta puede recopilar y analizar resultados recogidos por otras herramientas de seguridad como sqlmap, xsser, openvas, dnsrecon, theharvester, etc.
La herramienta puede recopilar y analizar resultados recogidos por otras herramientas de seguridad como sqlmap, xsser, openvas, dnsrecon, theharvester, etc.
Descarga Golismero:
git clone https://github.com/golismero/golismero cd golismero python golismero.py -h
Uso básico Golismero:
python golismero.py http://stuxnethack.tk -o prueba.txt
Lo anterior nos guardara los resultados obtenidos del anális en el archivo prueba.txt que se guardará en la carpeta donde estamos ejecutando Golismero.
stuxnet@stuxnet:/media/Stuxnet/Pentesting/golismero$ python golismero.py http://stuxnethack.tk -o prueba.txt /----------------------------------------------\ | GoLismero 2.0.0b1 - The Web Knife | | Contact: golismero.project<@>gmail.com | | | | Daniel Garcia Garcia a.k.a cr0hn (@ggdaniel) | | Mario Vilas (@Mario_Vilas) | \----------------------------------------------/ GoLismero started at 2013-11-14 21:21:55.395471 [*] GoLismero: Audit name: golismero-DLTy3hgk [*] GoLismero: Audit database: golismero-DLTy3hgk.db [*] GoLismero: Added 3 new targets to the database. [*] GoLismero: Launching tests... [*] OS fingerprinting plugin: Started. [*] Robots.txt Analyzer: Started. [*] OS fingerprinting plugin: Started. [*] theHarvester: Started. [*] DNS zone transfer: Started. [*] DNS subdomain bruteforcer: Started. [*] DNS analyzer: Started. [*] Web Server fingerprinting plugin: Started. [*] Web Spider: Started. [*] Suspicious URL: Started. [!] OS fingerprinting plugin: [!] You can't run the platform detection plugin if you're not root. [*] OS fingerprinting plugin: Finished. [*] theHarvester: Searching keyword 'stuxnethack.tk' in google [*] theHarvester: 0.00% percent done... [*] Web Spider: Spidering URL: 'http://stuxnethack.tk/' [*] Suspicious URL: Finished. [*] DNS analyzer: Starting DNS analyzer plugin [*] DNS analyzer: 0.00% percent done... [*] DNS subdomain bruteforcer: 0.05% percent done... [*] DNS subdomain bruteforcer: 0.10% percent done... [*] DNS subdomain bruteforcer: 0.15% percent done... [*] DNS subdomain bruteforcer: 0.20% percent done... [*] DNS subdomain bruteforcer: 0.26% percent done... [*] DNS subdomain bruteforcer: 0.36% percent done... [*] DNS subdomain bruteforcer: 0.41% percent done... [*] DNS subdomain bruteforcer: 0.47% percent done... [*] DNS subdomain bruteforcer: 0.31% percent done... [*] theHarvester: Searching keyword 'stuxnethack.tk' in bing [*] theHarvester: 20.00% percent done... [*] DNS analyzer: 3.70% percent done... [*] DNS subdomain bruteforcer: 0.52% percent done... [*] DNS analyzer: 7.40% percent done... [*] DNS analyzer: 11.11% percent done... [*] DNS subdomain bruteforcer: 0.57% percent done... [*] DNS subdomain bruteforcer: 0.62% percent done... [*] DNS subdomain bruteforcer: 0.68% percent done... [*] DNS subdomain bruteforcer: 0.73% percent done... [*] DNS subdomain bruteforcer: 0.78% percent done... [*] DNS subdomain bruteforcer: 0.83% percent done... [*] DNS subdomain bruteforcer: 0.89% percent done... [*] DNS analyzer: 14.81% percent done... [*] DNS subdomain bruteforcer: 0.94% percent done... [*] DNS subdomain bruteforcer: 0.99% percent done... [*] DNS subdomain bruteforcer: 1.04% percent done... [*] DNS analyzer: 18.51% percent done... [*] DNS analyzer: 22.22% percent done... [*] DNS subdomain bruteforcer: 1.10% percent done... [*] DNS subdomain bruteforcer: 1.15% percent done... [*] DNS subdomain bruteforcer: 1.20% percent done... [*] DNS subdomain bruteforcer: 1.25% percent done... [*] DNS analyzer: 25.92% percent done... [*] DNS subdomain bruteforcer: 1.31% percent done... [*] DNS subdomain bruteforcer: 1.36% percent done... [*] DNS subdomain bruteforcer: 1.41% percent done... [*] DNS subdomain bruteforcer: 1.46% percent done... [*] DNS subdomain bruteforcer: 1.52% percent done... [*] DNS analyzer: 29.62% percent done... [*] DNS analyzer: 33.33% percent done... [*] DNS subdomain bruteforcer: 1.57% percent done... [*] DNS subdomain bruteforcer: 1.62% percent done... [*] DNS analyzer: 37.03% percent done... [*] DNS subdomain bruteforcer: 1.67% percent done... [*] DNS subdomain bruteforcer: 1.73% percent done... [*] DNS analyzer: 40.74% percent done... [*] DNS subdomain bruteforcer: 1.78% percent done... [*] DNS subdomain bruteforcer: 1.83% percent done... [*] DNS subdomain bruteforcer: 1.88% percent done... [*] DNS subdomain bruteforcer: 1.94% percent done... [*] DNS subdomain bruteforcer: 1.99% percent done... [*] DNS analyzer: 44.44% percent done... [*] DNS subdomain bruteforcer: 2.04% percent done... [*] DNS analyzer: 48.14% percent done... [*] DNS subdomain bruteforcer: 2.09% percent done... [*] DNS subdomain bruteforcer: 2.14% percent done... [*] DNS analyzer: 51.85% percent done... [*] DNS subdomain bruteforcer: 2.20% percent done... [*] DNS subdomain bruteforcer: 2.25% percent done... [*] DNS subdomain bruteforcer: 2.30% percent done... [*] DNS analyzer: 55.55% percent done... [*] DNS subdomain bruteforcer: 2.35% percent done... [*] DNS subdomain bruteforcer: 2.41% percent done... [*] DNS subdomain bruteforcer: 2.46% percent done... [*] DNS subdomain bruteforcer: 2.51% percent done... [*] DNS analyzer: 59.25% percent done... [*] DNS analyzer: 62.96% percent done... [*] DNS subdomain bruteforcer: 2.56% percent done... [*] DNS subdomain bruteforcer: 2.62% percent done... [*] DNS analyzer: 66.66% percent done... [*] DNS subdomain bruteforcer: 2.67% percent done... [*] DNS subdomain bruteforcer: 2.72% percent done... [*] DNS subdomain bruteforcer: 2.77% percent done... [*] DNS subdomain bruteforcer: 2.83% percent done... [*] DNS subdomain bruteforcer: 2.88% percent done... [*] DNS subdomain bruteforcer: 2.93% percent done... [*] DNS subdomain bruteforcer: 2.98% percent done... [*] DNS subdomain bruteforcer: 3.04% percent done... [*] DNS subdomain bruteforcer: 3.09% percent done... [*] DNS subdomain bruteforcer: 3.14% percent done... [*] DNS subdomain bruteforcer: 3.19% percent done... [*] DNS subdomain bruteforcer: 3.25% percent done... [*] DNS subdomain bruteforcer: 3.30% percent done... [*] DNS subdomain bruteforcer: 3.35% percent done... [*] theHarvester: Searching keyword 'stuxnethack.tk' in pgp [*] theHarvester: 40.00% percent done... [*] DNS zone transfer: Finished. [*] DNS subdomain bruteforcer: 3.40% percent done... [*] DNS subdomain bruteforcer: 3.46% percent done... [*] DNS subdomain bruteforcer: 3.51% percent done... [*] DNS subdomain bruteforcer: 3.56% percent done... [*] DNS subdomain bruteforcer: 3.61% percent done... [*] DNS subdomain bruteforcer: 3.67% percent done... [*] DNS subdomain bruteforcer: 3.72% percent done... [*] DNS subdomain bruteforcer: 3.77% percent done... [*] DNS subdomain bruteforcer: 3.82% percent done... [*] DNS subdomain bruteforcer: 3.88% percent done... [*] DNS subdomain bruteforcer: 3.93% percent done... [*] DNS subdomain bruteforcer: 3.98% percent done... [*] theHarvester: Searching keyword 'stuxnethack.tk' in exalead [*] theHarvester: 60.00% percent done... [*] DNS subdomain bruteforcer: 4.03% percent done... [*] DNS subdomain bruteforcer: 4.09% percent done... [*] DNS subdomain bruteforcer: 4.14% percent done... [*] DNS subdomain bruteforcer: 4.19% percent done... [*] DNS subdomain bruteforcer: 4.24% percent done... [*] DNS subdomain bruteforcer: 4.29% percent done... [*] DNS subdomain bruteforcer: 4.35% percent done... [*] DNS subdomain bruteforcer: 4.40% percent done... [*] DNS subdomain bruteforcer: 4.45% percent done... [*] DNS analyzer: 70.37% percent done... [*] DNS subdomain bruteforcer: 4.50% percent done... [*] DNS subdomain bruteforcer: 4.56% percent done... [*] DNS analyzer: 74.07% percent done... [*] DNS subdomain bruteforcer: 4.61% percent done... [*] DNS subdomain bruteforcer: 4.66% percent done... [*] DNS subdomain bruteforcer: 4.71% percent done... [*] DNS analyzer: 77.77% percent done... [*] DNS subdomain bruteforcer: 4.77% percent done... [*] DNS analyzer: 81.48% percent done... [*] DNS subdomain bruteforcer: 4.82% percent done... [*] DNS subdomain bruteforcer: 4.87% percent done... [*] DNS subdomain bruteforcer: 4.92% percent done... [*] DNS subdomain bruteforcer: 4.98% percent done... [*] DNS subdomain bruteforcer: 5.03% percent done... [*] DNS analyzer: 85.18% percent done... [*] DNS subdomain bruteforcer: 5.08% percent done... [*] DNS analyzer: 88.88% percent done... [*] DNS subdomain bruteforcer: 5.13% percent done... [*] DNS subdomain bruteforcer: 5.19% percent done... [*] DNS subdomain bruteforcer: 5.24% percent done... [*] DNS analyzer: 92.59% percent done... [*] DNS subdomain bruteforcer: 5.29% percent done... [*] DNS subdomain bruteforcer: 5.34% percent done... [*] DNS subdomain bruteforcer: 5.40% percent done... [*] DNS subdomain bruteforcer: 5.45% percent done... [*] DNS analyzer: 96.29% percent done... [*] DNS subdomain bruteforcer: 5.50% percent done... [*] DNS subdomain bruteforcer: 5.55% percent done... [*] DNS subdomain bruteforcer: 5.61% percent done... [*] DNS analyzer: Ending DNS analyzer plugin, found 7 registers [*] theHarvester: Started. [*] DNS zone transfer: Started. [*] DNS subdomain bruteforcer: Started. [*] DNS analyzer: Started. [*] DNS analyzer: Finished. [*] DNS subdomain bruteforcer: 5.66% percent done... [*] DNS subdomain bruteforcer: 5.71% percent done... [*] DNS subdomain bruteforcer: 5.76% percent done... [*] DNS subdomain bruteforcer: 5.82% percent done... [*] DNS subdomain bruteforcer: 5.87% percent done... [*] DNS subdomain bruteforcer: 5.92% percent done... [*] DNS subdomain bruteforcer: 5.97% percent done... [*] DNS subdomain bruteforcer: 6.03% percent done... [*] DNS subdomain bruteforcer: 6.08% percent done... [*] DNS subdomain bruteforcer: 6.13% percent done... [*] DNS subdomain bruteforcer: 6.18% percent done... [*] DNS subdomain bruteforcer: 6.24% percent done... [*] DNS subdomain bruteforcer: 6.29% percent done... [*] DNS subdomain bruteforcer: 6.34% percent done... [*] DNS subdomain bruteforcer: 6.39% percent done... [*] DNS subdomain bruteforcer: 6.44% percent done... [*] DNS subdomain bruteforcer: 6.50% percent done... [*] DNS subdomain bruteforcer: 6.55% percent done... [*] DNS subdomain bruteforcer: 6.60% percent done... [*] DNS subdomain bruteforcer: 6.65% percent done... [*] DNS subdomain bruteforcer: 6.71% percent done... [*] DNS subdomain bruteforcer: 6.76% percent done... [*] DNS subdomain bruteforcer: 6.81% percent done... [*] DNS subdomain bruteforcer: 6.86% percent done... [*] DNS subdomain bruteforcer: 6.92% percent done... [*] DNS subdomain bruteforcer: 6.97% percent done... [*] DNS subdomain bruteforcer: 7.02% percent done... [*] DNS subdomain bruteforcer: 7.07% percent done... [*] DNS subdomain bruteforcer: 7.13% percent done... [*] DNS subdomain bruteforcer: 7.18% percent done... [*] DNS subdomain bruteforcer: 7.23% percent done... [*] DNS subdomain bruteforcer: 7.28% percent done... [*] DNS subdomain bruteforcer: 7.34% percent done... [*] DNS subdomain bruteforcer: 7.39% percent done... [*] DNS subdomain bruteforcer: 7.44% percent done... [*] DNS subdomain bruteforcer: 7.49% percent done...
Posted By César Calderón
Amante de todo lo relacionado con la informática, GNU/Linux, Programador, Geek. Las organizaciones gastan millones de dólares en firewalls y dispositivos de seguridad, pero tiran el dinero porque ninguna de estas medidas cubre el eslabón más débil de la cadena de seguridad: la gente que usa y administra los ordenadores.
0 comentarios:
Publicar un comentario