RABBIT Vulnerability Scanner / News: Recent posts

We've added a new DiscoveryFingerPlugin!

This plugin uses google web search engine to find locations inside the target application.

You can find it in the development branch in the GIT.

We are really happy and excited to announce that we have integrated a new, totally rebuilt web frontend.

This new frontend is Django based, with a lot more functionality than the previous web frontend.

For now, it will only be available in the development branch in the GIT, but soon a new released will be published containing it. The reason of the delay is that the wiki has to be updated to cover the changes that were made since the last release.

A new RequestFilter plugin has been added to the RABBIT. This plugin holds a DNS Cache in order to reduce unnecesary DNS traffic that was involved in each Request.

The XSS Audit Plugin is released. It has been added to the Master branch of the GIT repository of the RABBIT.

Today we have released the 0.2 version of RABBIT Vulnerability Scanner.

In this release we have added the web front-end. Which is a much more user friendly front-end than the xml one. It can handle profiles. Right now it's lacking CSS but as soon as we have it we will upload it.

The framework's way of storing and handle options have changed. Now it's cleaner and works well.

Lastly, we have added a Remote File Inclusion audit plugin in this release.... read more

Today we've published RABBIT v0.1. It just has 2 audit plugins BlindSQLInjection and LocalFileInclusion.

The objective of this release is to introduce you the framework. And see how it is used. Though only one frontend available.

We are expecting to receive feedback from you! And if you make plugins, better!

Dependencies needed:

• Python 2.6
• Beautiful Soup library for python

I've added the LocalFileInclusion plugin to the master branch of the GIT. This is an AuditPlugin which, as the name states, searchs for Local File Inclusion Vulnerabilities.

A new plugin has been added to RABBIT. This plugin is a RequestFilterPlugin. It is used to enter webpages wich use basic auth authentication in the webserver.

To use it, create a file and enter <user>:<password> in a line. if more than one user password is needed, just enter them in the same format in newer lines.