Description:
Whisker is a web-server scanner that looks for many types of vulnerabilities, especially dangerous CGI scripts. A Perl library, LibWhisker, is included so that custom scanners can be built into Whisker. Scans use character encoding of requests so that most IDS solutions do not recognise them.
Strengths:
· Hard to detect
· Easily modified if you know Perl
· Many libraries available to add new scans
· Free and open source
Weaknesses:
· No UI
· Confusing array of command-line switches
Target:
Web servers
Mitigation/Recommendation:
Ensure no dangerous CGI scripts are enabled on your web server. Use Whisker or any other CGI scanner (e.g. Nikto) to get a jump on the problem. Read http://www.w3.org/Security/Faq/wwwsf4.html
Price:
Free
Penetration (8):
High
Simplicity (3):
Moderate to advanced. Starting a scan and knowing what to scan for requires moderate skill. Interpreting the results and knowing what to do with them requires more advanced skill. Modifying and writing custom scans requires security expertise as well as a knowledge of Perl.
Damage Potential (2):
Minimal. If your web server has any dangerous CGI scripts, this tool can be used to find them; the user can then exploit that fact with an attack. Due to some low-key spoofing techniques, this tool can slip past many IDS programs undetected.