Web application generally at the hit list of hackers and different hackers use different technique to find the bug (vulnerability) on web application to get the root access or to steal some information. Web application vulnerabilities like SQL-injection and cross site scripting are dangerous for web but as a penetration tester you need to test the security of a web application first step to hack or secure is to map the over all infrastructure, so golismero is wonderful tool that play the role to do this.
GoLISMERO help you to map an web application, displaying as confortable format for security auditor and preparing them for intergrate with other web hacking tools as w3af, wfuzz, netcat, nikto, etc
Map a web aplication.
Show all links and forms params as confortable format.
Save results with some formats: text, cvs, html, raw (for parsing with bash script) and wfuzz script.
Detect common vulnerabilites of web application.
Filter web information retaining only what is important.
- Many other features you can find very useful.
The documentation is pending. At this moment, only getting started are available:
English version: http://code.google.com/p/golismero/wiki/Getting_started_en
- Spanish version: http://code.google.com/p/golismero/wiki/Getting_started_es