BlindElephant: Open Source Web Application Fingerprinting Engine

In this video recorded at Black Hat USA 2010, Patrick Thomas, a vulnerability researcher at Qualys, discusses the open source web application fingerprinting engine BlindElephant he created. BlindElephant is a tool that helps security professionals and systems administrators identify everything running on their servers, including any web applications users may have downloaded. It doesn’t check for vulnerabilities or vulnerability to a particular exploit, but rather what version of applications are running on their site. For each application that the tool will support, BlindElephant consumes a number of version directories. All files and directories are processed, and a hash is computed for each file. This hash is stored in a temporary table, along with the path and version of the application it came from. Accuracy of the tool was demonstrated by a large-scale survey on Internet-visible hosts.

2 Comments

  1. 2010-08-05 2:23 am
    • 2010-08-05 12:56 pm