Tuesday, September 28, 2010

Inspath - Path Disclosure Finder

A tool that uses local source tree to make requests to the url and search for path inclusion error messages. It's ever a common problem in PHP web applications that we're hating to see for ever. We hope this tool triggers no path disclosure flaws any more. See our article about path disclosure.

Path disclosure vulnerability is also known as full or internal path disclosure.Usually, it's not a vulnerability. It's more of informational risk.But sometimes, it's a clue to Local File Inclusion vulnerability.It may sometimes be due to web server application mis-configuration which reveals error messages to web site visitors. Sometimes, an application itself generates debugging error messages.

Download: http://code.google.com

No comments: