{"uuid": "cedab428-0ed9-4eef-930a-de19aa48c0ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2007-1858", "type": "seen", "source": "https://t.me/information_security_channel/10087", "content": "Spaghetti is an Open-source Web Application Security Scanner, it is designed to find various default and insecure files, configurations, and misconfigurations.\n\nIt is built on Python 2.7 and can run on any platform which has a Python environment.\nFeatures of Spaghetti Web Application Security Scanner\nFingerprints\nServer\nWeb Frameworks (CakePHP, CherryPy,\u2026)\nWeb Application Firewall (Waf)\nContent Management System (CMS)\nOperating System (Linux, Unix,..)\nLanguage (PHP, Ruby,\u2026)\nCookie Security\n\nBruteforce\nAdmin Interface\nCommon Backdoors\nCommon Backup Directory\nCommon Backup File\nCommon Directory\nCommon File\nLog File\n\nDisclosure\nEmails\nPrivate IP\nCredit Cards\n\nAttacks\nHTML Injection\nSQL Injection\nLDAP Injection\nXPath Injection\nCross Site Scripting (XSS)\nRemote File Inclusion (RFI)\nPHP Code Injection\n\nOther\nHTTP Allow Methods\nHTML Object\nMultiple Index\nRobots Paths\nWeb Dav\nCross Site Tracing (XST)\nPHPINFO\n.Listing\n\nVulns\nShellShock\nAnonymous Cipher (CVE-2007-1858)\nCrime (SPDY) (CVE-2012-4929)\nStruts-Shock\n\nUsing Spaghetti Web Application Security Scanner\nroot@darknet:~/Spaghetti# python spaghetti.py\n\n  _____             _       _   _   _\n\n |   __|___ ___ ___| |_ ___| |_| |_|_|\n\n |__   | .\nRead the rest of Spaghetti Download \u2013 Web Application Security Scanner now! Only available at Darknet. (https://www.darknet.org.uk/2017/10/spaghetti-download-web-application-security-scanner/)", "creation_timestamp": "2017-10-17T20:54:29.000000Z"}