In this video recorded at Black Hat USA 2010, Patrick Thomas, a vulnerability researcher at Qualys, discusses the open source web application fingerprinting engine BlindElephant he created. BlindElephant is a tool that helps security professionals and systems administrators identify everything running on their servers, including any web applications users may have downloaded. It doesn’t check for vulnerabilities or vulnerability to a particular exploit, but rather what version of applications are running on their site. For each application that the tool will support, BlindElephant consumes a number of version directories. All files and directories are processed, and a hash is computed for each file. This hash is stored in a temporary table, along with the path and version of the application it came from. Accuracy of the tool was demonstrated by a large-scale survey on Internet-visible hosts.
BlindElephant: Open Source Web Application Fingerprinting Engine
Submitted by HAL2001 2010-08-03 Privacy, Security 2 Comments
whats the difference between this and Tripwire and other Intrusion Detection systems?