Archive for the ‘Languages’ Category

Nikto2 – comprehensive web server scanner

Nikto2 | CIRT.net.

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.
Nikto is not designed as an overly stealthy tool. It will test a web server in the quickest time possible, and is fairly obvious in log files. However, there is support for LibWhisker’s anti-IDS methods in case you want to give it a try (or test your IDS system).
Not every check is a security problem, though most are. There are some items that are “info only” type checks that look for things that may not have a security flaw, but the webmaster or security engineer may not know are present on the server. These items are usually marked appropriately in the information printed. There are also some checks for unknown items which have been seen scanned for in log files.

Nikto is written by Chris Sullo and David Lodge.
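
Since the description says Nikto is "fairly obvious in log files", a defender can pick a scan out of a web access log. The sketch below is an added example, not code from the original post or from the Nikto project. It assumes combined log format, a default scanner User-Agent containing the string "Nikto", and illustrative thresholds (min_paths, min_404_ratio); the sample log lines are constructed.

```python
import re
from collections import defaultdict

# Combined Log Format: ip ident user [time] "request" status size "referer" "user-agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]*\] "\S+ (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

def _line(ip, path, status, ua):
    """Build one constructed access-log line."""
    return (f'{ip} - - [01/Jan/2024:12:00:00 +0000] "GET {path} HTTP/1.1" '
            f'{status} 0 "-" "{ua}"')

BROWSER = "Mozilla/5.0 (X11; Linux x86_64)"
# Constructed sample data; addresses come from the documentation ranges.
SAMPLE_LOG = "\n".join(
    [_line("198.51.100.7", "/index.html", 200, BROWSER),
     _line("198.51.100.7", "/about.html", 200, BROWSER),
     # Scan with a self-identifying User-Agent (version is a placeholder).
     _line("203.0.113.9", "/cgi-bin/test.cgi", 404, "Mozilla/5.00 (Nikto/x.y.z)"),
     _line("203.0.113.9", "/", 200, "Mozilla/5.00 (Nikto/x.y.z)")]
    # Scan behind a browser User-Agent: many distinct paths, all missing.
    + [_line("192.0.2.44", f"/backup{i}.zip", 404, BROWSER) for i in range(6)]
)

def find_scanners(log_text, min_paths=5, min_404_ratio=0.8):
    """Return {ip: [reasons]} for sources that look like a web scanner."""
    stats = defaultdict(lambda: {"total": 0, "missing": 0, "paths": set(), "ua": False})
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue  # skip lines that are not in combined log format
        s = stats[m["ip"]]
        s["total"] += 1
        s["missing"] += m["status"] == "404"
        s["paths"].add(m["path"])
        s["ua"] = s["ua"] or "nikto" in m["ua"].lower()
    findings = {}
    for ip, s in stats.items():
        reasons = ["user-agent"] if s["ua"] else []
        # The User-Agent can be changed, so also flag bursts of distinct 404s.
        if len(s["paths"]) >= min_paths and s["missing"] / s["total"] >= min_404_ratio:
            reasons.append("404-burst")
        if reasons:
            findings[ip] = reasons
    return findings
```

Calling find_scanners(SAMPLE_LOG) flags the two scanning sources and leaves the ordinary browser client out.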

Bash shortcuts on the command line

Even if you have been using the command line for quite a few years, you might have missed or forgotten some handy shortcuts that are very useful in daily work.
The command to show the complete list:

bind -P | less

You can also create your own:

  • to go backward one word at a time with ‘control-b’
$ bind '"\C-b"':backward-word
  • or launch an application
$ bind -x '"\C-e"':xeyes

I googled around a bit and came up with this nice table, which summarizes some of the most useful shortcuts.

Bash Shortcuts Quick Reference
Ctrl-a Move to the start of the line.
Ctrl-e Move to the end of the line.
Ctrl-b Move back one character.
Alt-b Move back one word.
Ctrl-f Move forward one character.
Alt-f Move forward one word.
Ctrl-] x Where x is any character, moves the cursor forward to the next occurrence of x.
Alt-Ctrl-] x Where x is any character, moves the cursor backwards to the previous occurrence of x.
Ctrl-u Delete from the cursor to the beginning of the line.
Ctrl-k Delete from the cursor to the end of the line.
Ctrl-w Delete from the cursor to the start of the word.
Esc-Del Delete previous word (may not work, instead try Esc followed by Backspace)
Ctrl-y Pastes text from the clipboard.
Ctrl-l Clear the screen leaving the current line at the top of the screen.
Ctrl-x Ctrl-u Undo the last changes. Ctrl-_ does the same
Alt-r Undo all changes to the line.
Alt-Ctrl-e Expand command line.
Ctrl-r Incremental reverse search of history.
Alt-p Non-incremental reverse search of history.
!! Execute last command in history
!abc Execute last command in history beginning with abc
!abc:p Print last command in history beginning with abc
!n Execute nth command in history
!$ Last argument of last command
!^ First argument of last command
^abc^xyz Replace first occurrence of abc with xyz in last command and execute it

Thanks to: http://www.ice2o.com/bash.php

There was also a very beautiful(?) but nevertheless very useful sheet out there which can help you out with even more bash shell shortcuts:

http://www.jamesconner.us/images/bash_sheet.png

Thanks to: http://www.jamesconner.us/images/bash_sheet.png

Map-Reduce With Ruby Using Hadoop

High Scalability – Map-Reduce With Ruby Using Hadoop.

Map-Reduce With Hadoop Using Ruby

A demonstration, with repeatable steps, of how to quickly fire-up a Hadoop cluster on Amazon EC2, load data onto the HDFS (Hadoop Distributed File-System), write map-reduce scripts in Ruby and use them to run a map-reduce job on your Hadoop cluster. You will not need to ssh into the cluster, as all tasks are run from your local machine. Below I am using my MacBook Pro as my local machine, but the steps I have provided should be reproducible on other platforms running bash and Java.

Fire-Up Your Hadoop Cluster

I choose the Cloudera distribution of Hadoop which is still 100% Apache licensed, but has some additional benefits. One of these benefits is that it is released by Doug Cutting, who started Hadoop and drove its development at Yahoo! He also started Lucene, which is another of my favourite Apache Projects, so I have good faith that he knows what he is doing. Another benefit, as you will see, is that it is simple to fire-up a Hadoop cluster……